Datavane Tis vulnerabilities
2 known vulnerabilities affecting datavane/tis.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2026-24815P2CRITICALCVSS 10.0fixed in v4.3.02026-01-27
CVE-2026-24815 [CRITICAL] CWE-434 CVE-2026-24815: Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in
Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java.
This issue affects tis: before v4.3.0.
nvd
CVE-2026-24816P3CRITICALCVSS 10.0fixed in v4.3.02026-01-27
CVE-2026-24816 [CRITICAL] CWE-835 CVE-2026-24816: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/sr
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java.
This issue affects tis: before v4.3.0.
nvd