CVE-2026-35052
D-Tale affected by Remote Code Execution through redis/shelf storage
CVSS Score
0.0
EPSS Score
0.4%
EPSS Percentile
64th
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to 3.22.0, users hosting D-Tale publicly while using a redis or shelf storage layer could be vulnerable to remote code execution allowing attackers to run malicious code on the server. This vulnerability is fixed in 3.22.0.
| CWE | CWE-79 |
| Vendor | man-group |
| Product | dtale |
| Published | Apr 6, 2026 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for man-group dtale
Be the first to know when new unknown vulnerabilities affecting man-group dtale are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
man-group / dtale
< 3.22.0