VYPR

Maven package

org.apache.hugegraph/hg-pd-core

pkg:maven/org.apache.hugegraph/hg-pd-core

Vulnerabilities (1)

  • CVE-2025-26866Dec 12, 2025
    affected < 1.7.0fixed 1.7.0

    A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserialization within the PD store. The fix enforces IP-based authentication to restrict cluster membership and implements a strict class whitelist to harden the Hessian seriali