PatchSiren cyber security CVE debrief
CVE-2026-45534 dataease CVE debrief
CVE-2026-45534 is a critical remote code execution vulnerability in DataEase Redshift datasource connections prior to version 2.10.23. The issue arises from the loading of attacker-controlled rsjdbc.ini configuration from System.getProperty('java.io.tmpdir'), which can lead to the execution of a reflection-based remote code execution chain during a normal JDBC connection. This vulnerability has a CVSS score of 9 and is considered CRITICAL. Users of DataEase versions prior to 2.10.23 who utilize Redshift datasource connections should be aware of this critical vulnerability and take immediate action to upgrade to the patched version.
- Vendor
- dataease
- Product
- Unknown
- CVSS
- CRITICAL 9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-15
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-15
- Advisory updated
- 2026-07-16
Who should care
Users of DataEase versions prior to 2.10.23 who utilize Redshift datasource connections should be aware of this critical vulnerability and take immediate action to upgrade to the patched version. This includes operators, platform administrators, vulnerability management teams, and security teams who need to review and mitigate this vulnerability.
Technical summary
The vulnerability exists in DataEase Redshift datasource connections due to the loading of attacker-controlled rsjdbc.ini configuration from System.getProperty('java.io.tmpdir'). This allows for the execution of a reflection-based remote code execution chain during a normal JDBC connection through io.dataease.datasource.type.Redshift. The issue is fixed in version 2.10.23. Affected users should verify their deployments, review official advisories for affected scope and vendor guidance, and take immediate action to upgrade to the patched version to mitigate this critical vulnerability.
Defensive priority
High
Recommended defensive actions
- Upgrade to DataEase version 2.10.23 or later
- Review and restrict access to Redshift datasource connections
- Monitor for suspicious activity on JDBC connections
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-15T20:17:04.593Z and has been modified on 2026-07-16T14:16:52.293Z. The NVD entry is currently Deferred. The vulnerability exists in DataEase Redshift datasource connections due to the loading of attacker-controlled rsjdbc.ini configuration from System.getProperty('java.io.tmpdir'). This allows for the execution of a reflection-based remote code execution chain during a normal JDBC connection through io.dataease.datasource.type.Redshift. The issue is fixed in version 2.10.23. Users should verify their deployments and review official advisories for affected scope and vendor guidance.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-15T20:17:04.593Z and has not been modified since then. The NVD entry is currently Deferred.