CVE-2026-11618

HIGH 7.3

DTStack Taier Source Connection Test Endpoint LoginInterceptor.java preHandle improper authentication

CVSS Score

7.3

EPSS Score

0.1%

EPSS Percentile

22th

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead to improper authentication. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called f95389e7f74acec42bcee079a616aaa06f9551d2. A patch should be applied to remediate this issue.

CWE	CWE-287
Vendor	dtstack
Product	taier
Published	Jun 9, 2026
Last Updated	Jun 9, 2026

Stay Ahead of the Next One

Get instant alerts for dtstack taier

Be the first to know when new high vulnerabilities affecting dtstack taier are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

DTStack / Taier

1.0 1.1 1.2 1.3 1.4.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/369299 vuldb.com: https://vuldb.com/vuln/369299/cti vuldb.com: https://vuldb.com/cve/CVE-2026-11618 vuldb.com: https://vuldb.com/submit/834008 github.com: https://github.com/DTStack/Taier/issues/1194 github.com: https://github.com/DTStack/Taier/commit/f95389e7f74acec42bcee079a616aaa06f9551d2 github.com: https://github.com/DTStack/Taier/

Credits

🔍 anch0r (VulDB User)