CVE-2026-62348 in TDengineinformation

Résumé

par MITRE • 15/07/2026

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, TDengine Enterprise allowed an authenticated low-privilege SQL user to run KILL SSMIGRATE <id> against an active shared-storage migration because mndProcessKillSsMigrateReq called mndKillSsMigrate while the intended MND_OPER_SSMIGRATE_DB privilege check was commented out. This issue is fixed in version 3.4.1.15.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsable

GitHub M

Réserver

13/07/2026

Divulgation

15/07/2026

Modérer

accepté

Entrée

VDB-379376

CPE

prêt

EPSS

0.00000

KEV

non

Activités

très faible

Sources

Interested in the pricing of exploits?

See the underground prices here!