{
  "ticket_id": "CVE-2026-40900",
  "source": "cve",
  "cve_id": "CVE-2026-40900",
  "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40900",
  "references": [
    "https://nvd.nist.gov/vuln/detail/CVE-2026-40900",
    "https://www.cve.org/CVERecord?id=CVE-2026-40900",
    "https://www.ox.security/blog/from-auth-bypass-to-rce-a-4-vulnerability-exploit-chain-in-dataease/",
    "https://github.com/dataease/dataease",
    "https://github.com/dataease/dataease/releases/tag/v2.10.21"
  ],
  "published_at": "2026-05-20",
  "severity": "high",
  "cwe": ["CWE-89"],
  "cvss": {
    "nvd_v3_1_base_score": 8.8,
    "nvd_v3_1_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "nvd_v4_0_base_score": 8.7
  },
  "labels": ["security", "sql-injection", "stacked-queries", "dataease", "mysql", "spring-boot"],
  "state": "published"
}