CVE-2025-49002 – DataEase Case Insensitive Patch Bypass Vulnerability

CVE ID : CVE-2025-49002

Published : June 3, 2025, 9:15 p.m. | 1 hour, 15 minutes ago

Description : DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch for CVE-2025-32966 that allow the patch to be bypassed through case insensitivity because INIT and RUNSCRIPT are prohibited. The vulnerability has been fixed in v2.10.10. No known workarounds are available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…