CVE-2026-11618 PUBLISHED

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead to improper authentication. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called f95389e7f74acec42bcee079a616aaa06f9551d2. A patch should be applied to remediate this issue.

• anch0r (VulDB User) reporter

• VDB-369299 | DTStack Taier Source Connection Test Endpoint LoginInterceptor.java preHandle improper authentication
• VDB-369299 | CTI Indicators (IOB, IOC, IOA)
• CVE-2026-11618 | CVE Analysis and Report
• Submit #834008 | DTStack Taier <=1.0.0 Code Injection
• https://github.com/DTStack/Taier/issues/1194
• https://github.com/DTStack/Taier/commit/f95389e7f74acec42bcee079a616aaa06f9551d2
• https://github.com/DTStack/Taier/

• Improper Authentication CWE