CVE-2025-56819

Critical CVSS: 9.8

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter.

Vendor

Product

CWE

Yayın Tarihi

2025-09-24 16:15:38

Güncelleme

2025-10-10 21:30:04

Source Identifier

cve@mitre.org

KEV Date Added

CWE-78 Datart CRITICAL Running-elephant 2025

https://github.com/h2database/h2database https://github.com/xyyzxc/CVE-2025-56819 https://h2database.com/html/features.html#runscript

High

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuratio…

Medium

CVE-2025-70829

An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via…

High

CVE-2025-56815

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since the server directly uses…

High

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attack…