CVE-2025-26866
- EPSS 1.09%
- Veröffentlicht 12.12.2025 09:23:07
- Zuletzt bearbeitet 29.12.2025 17:20:58
A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserialization within the PD store. The fix enforces IP-based authentication to restrict cluster membership and implements a strict class whitelist...
CVE-2024-43441
- EPSS 85.85%
- Veröffentlicht 24.12.2024 12:15:21
- Zuletzt bearbeitet 01.07.2025 19:13:06
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue.
CVE-2024-27348
- EPSS 94.34%
- Veröffentlicht 22.04.2024 14:15:07
- Zuletzt bearbeitet 23.10.2025 14:48:55
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which...
CVE-2024-27349
- EPSS 0.43%
- Veröffentlicht 22.04.2024 14:15:07
- Zuletzt bearbeitet 30.06.2025 13:43:20
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.