Sign in Get started

← All advisories

High severity8.8NVD Advisory· Published Feb 17, 2026· Updated Apr 3, 2026

CVE-2025-70828

CVE-2025-70828

Description

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration

Affected products

1

Running Elephant/Datart
cpe:2.3:a:running-elephant:datart:1.0.0:rc3:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

dev.mysql.com/doc/connector-j/en/connector-j-connprops-interceptor-classes-and-interfaces.htmlnvdBroken Link

News mentions

0

No linked articles in our index yet.