Running-elephant Datart — known CVE vulnerabilities
Every CVE whose affected-product data names Running-elephant Datart, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-56819 — CVSS 9.8 (critical): An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter.
CVE-2025-56816 — CVSS 8.8 (high): Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload…
CVE-2025-70828 — CVSS 8.8 (high): An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration
CVE-2025-56815 — CVSS 7.1 (high): Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since the server directly uses…
CVE-2025-70829 — CVSS 5.7 (medium): An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via a custom H2 JDBC…