Skip to content

CVE lookup

CVE-2026-40900

Pruva has a verified reproduction for CVE-2026-40900: DataEase: stacked-query SQL injection via previewSql with allowMultiQueries. The canonical evidence record is REPRO-2026-00169.

REPRO

REPRO-2026-00169

Package

dataease · github

Severity

HIGH

Status

published