CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dataease: >> Dataease >> 2.10.10 Security Vulnerabilities

CVE-2025-49001

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a JWT token. The vulnerability has been fixed in v2.10.10. No known workarounds are available.

CVSS Score

7.7

EPSS Score

0.005

Published

2025-06-03

Page 4

Vulnerabilities

Vulnerable Software

Dataease: >> Dataease >> 2.10.10 Security Vulnerabilities

Products

Pricing

Contact Us