CVE-2026-53751 PUBLISHED

DataEase: H2 JDBC URL Filter Bypass Leads to Remote Code Execution (RCE)

Assigner: GitHub_M
Reserved: 10.06.2026 Published: 07.07.2026 Updated: 08.07.2026

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous parameters such as init in malicious H2 JDBC connection strings and achieve arbitrary code execution. This issue is fixed in version 2.10.24.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 8.7

Product Status

Vendor dataease
Product dataease
Versions
  • Version < 2.10.24 is affected

References

Problem Types

  • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE