PatchSiren cyber security CVE debrief
CVE-2026-55631 dataease CVE debrief
CVE-2026-55631 is a HIGH severity vulnerability in DataEase open source data visualization and analysis tool, affecting its font management module. The vulnerability has a CVSS score of 7.2 and allows authenticated users to delete arbitrary writable files. Users should review the official CVE record and apply patches to prevent exploitation. The issue is fixed in version 2.10.24. Defenders should verify affected product deployments, review official advisories for scope, severity, and guidance, and apply mitigations. Evidence limits suggest that defenders confirm whether affected product deployments exist in managed environments and review compensating controls for exposed systems.
- Vendor
- dataease
- Product
- Unknown
- CVSS
- HIGH 7.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-07
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-07
- Advisory updated
- 2026-07-07
Who should care
Users of DataEase open source data visualization and analysis tool version prior to 2.10.24 should apply the patch to prevent arbitrary file deletion. Operators, platform administrators, vulnerability management teams, and security teams should review affected scope and apply mitigations.
Technical summary
The font management module in DataEase allows authenticated users to submit an arbitrary fileTransName when creating a font record. When the record is later deleted, the backend concatenates that stored value with the font storage directory and passes it to FileUtils.deleteFile() without path traversal sanitization, allowing deletion of arbitrary writable files in the application container. This issue is fixed in version 2.10.24.
Defensive priority
High
Recommended defensive actions
- Apply the patch to upgrade to version 2.10.24 or later
- Restrict access to the font management module
- Monitor for suspicious file deletion activity
- Review compensating controls for exposed systems
- Check relevant monitoring, detection, and logs for exposed assets
- Track exceptions and retest remediated assets
- Confirm whether affected product deployments exist in managed environments
Evidence notes
The CVE record was published on 2026-07-07T21:17:27.593Z and has not been modified since then. The NVD entry is currently being reviewed. Evidence limits suggest that defenders verify affected product deployments and review official advisories for scope, severity, and guidance. No additional information is available on known or unknown affected scope.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T21:17:27.593Z and has not been modified since then.