PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-57172 dataease CVE debrief

CVE-2026-57172 is a high-severity vulnerability in DataEase, an open-source data visualization tool. The issue allows attackers to forge linkToken JWTs and gain unauthorized access to backend resources. This vulnerability exists in the ShareSecretManage component of DataEase, where a hardcoded default share link signature key is used. The vulnerability allows an attacker who can obtain a passwordless share for a resource and user to forge linkToken JWTs, bypass TokenFilter verification, and access backend resources as the share creator, even if the original share has been revoked.

Vendor
dataease
Product
Unknown
CVSS
HIGH 8.3
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-07
Original CVE updated
2026-07-07
Advisory published
2026-07-07
Advisory updated
2026-07-07

Who should care

Users of DataEase versions prior to 2.10.24 should apply the patch to prevent unauthorized access to backend resources. This includes operators, platform administrators, vulnerability management teams, and security teams who manage or monitor DataEase deployments.

Technical summary

The vulnerability exists in the ShareSecretManage component of DataEase, where a hardcoded default share link signature key is used. This allows an attacker who can obtain a passwordless share for a resource and user to forge linkToken JWTs, bypass TokenFilter verification, and access backend resources as the share creator, even if the original share has been revoked. The issue is fixed in version 2.10.24.

Defensive priority

High

Recommended defensive actions

  • Apply the patch to update to version 2.10.24 or later
  • Review and revoke any existing shares created with the hardcoded key
  • Monitor for suspicious activity related to share link signature key usage
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-07-07T21:17:28.223Z and has not been modified since then. The NVD entry is currently 8.3 HIGH. Evidence is limited to CVE and NVD details. Defenders should verify affected product scope, vendor guidance, and potential exposure.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T21:17:28.223Z and has not been modified since then.