Maven package
org.apache.hugegraph/hg-pd-core
pkg:maven/org.apache.hugegraph/hg-pd-core
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-26866 | — | < 1.7.0 | 1.7.0 | Dec 12, 2025 | A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserialization within the PD store. The fix enforces IP-based authentication to restrict cluster membership and implements a strict class whitelist to harden the Hessian seriali |
- CVE-2025-26866Dec 12, 2025affected < 1.7.0fixed 1.7.0
A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserialization within the PD store. The fix enforces IP-based authentication to restrict cluster membership and implements a strict class whitelist to harden the Hessian seriali