PatchSiren cyber security CVE debrief
CVE-2026-62348 taosdata CVE debrief
CVE-2026-62348 is a medium-severity vulnerability in TDengine Enterprise, allowing an authenticated low-privilege SQL user to run KILL SSMIGRATE <id> against an active shared-storage migration. This issue is fixed in version 3.4.1.15. The vulnerability has a CVSS score of 5.4 and is classified as MEDIUM. The CVE record was published on 2026-07-15T19:18:37.107Z and has not been modified since then.
- Vendor
- taosdata
- Product
- TDengine
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-15
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-15
- Advisory updated
- 2026-07-16
Who should care
Users of TDengine Enterprise should be aware of this vulnerability and take steps to upgrade to version 3.4.1.15 or apply compensating controls. This vulnerability may impact operators, platforms, and security teams that use TDengine Enterprise.
Technical summary
Prior to 3.4.1.15, TDengine Enterprise allowed an authenticated low-privilege SQL user to run KILL SSMIGRATE <id> against an active shared-storage migration because mndProcessKillSsMigrateReq called mndKillSsMigrate while the intended MND_OPER_SSMIGRATE_DB privilege check was commented out. This vulnerability has a CVSS score of 5.4 and is classified as MEDIUM. The vulnerability affects TDengine Enterprise users with low-privilege SQL access, potentially allowing them to disrupt shared-storage migrations. Users should verify their deployments and plan for upgrades or mitigations. The CVE record was published on 2026-07-15T19:18:37.107Z and has not been modified since then. Limited information is available, so defenders should review the official advisory for more details.
Defensive priority
Medium
Recommended defensive actions
- Upgrade to TDengine Enterprise version 3.4.1.15 or later
- Restrict access to shared-storage migration functionality
- Monitor for suspicious activity related to KILL SSMIGRATE commands
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-15T19:18:37.107Z and was last modified on 2026-07-16T20:16:47.320Z. The NVD entry is currently Deferred. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the vendor. The CVE record does not provide detailed information about the vulnerability, so defenders should review the official advisory for more information.
Official resources
-
CVE-2026-62348 CVE record
CVE.org
-
CVE-2026-62348 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-15T19:18:37.107Z and has not been modified since then. The NVD entry is currently Deferred.