CVE-2025-27526 – Apache InLong Deserialization of Untrusted Data JDBC Vulnerability

CVE ID : CVE-2025-27526

Published : May 28, 2025, 8:15 a.m. | 1 hour, 27 minutes ago

Description : Deserialization of Untrusted Data vulnerability in Apache InLong.

This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability which can lead to JDBC Vulnerability URLEncdoe and backspace bypass. Users are advised to upgrade to Apache InLong’s 2.2.0 or cherry-pick [1] to solve it.

[1]  https://github.com/apache/inlong/pull/11747

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…