LOW
Dataease
CVE published 2026-05-17
CVE-2026-8724
CVE-2026-8724 describes a SQL injection flaw affecting Dataease 2.10.20 in the Data Dashboard component, specifically the SqlparserUtils.transFilter function in SqlparserUtils.java. The issue is described as remotely reachable and the supplied record says public exploit material has been released. The published CVSS information is low overall, but the combination of SQL injection, remote reachability, and [truncated]