VYPR
Critical severityOSV Advisory· Published Jan 27, 2026· Updated Apr 15, 2026

CVE-2026-24815

CVE-2026-24815

Description

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java.

This issue affects tis: before v4.3.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Datavane/TisOSV2 versions
    V4.0.1, v2.1.0, v2.2.0, …+ 1 more
    • (no CPE)range: V4.0.1, v2.1.0, v2.2.0, …
    • (no CPE)range: <4.3.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.