Back to overview

CVE-2026-62353

MEDIUM Exploitation: PoC
5.4
CVSS 3.1
Description
TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.14, source/libs/parser/src/parTokenizer.c tGetToken() incremented past a trailing backslash in a SQL string literal such as 'abc\ and read one byte beyond the null terminator, allowing an authenticated user who can submit SQL queries to crash the server and possibly leak adjacent memory. This issue is fixed in version 3.4.1.14.

Metadata

CVE ID
CVE-2026-62353
State
PUBLISHED
Assigner
GitHub_M
Reserved
2026-07-13 21:42 UTC
Published
2026-07-15 19:08 UTC
Last updated
2026-07-15 19:28 UTC
Primary CWE
CWE-125
CWE-125: Out-of-bounds Read
Vendor / Product
taosdata / TDengine
Sources
cve.org  ·  NVD

Severity & Metrics

5.4 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
SSVC — CISA Coordinator
Exploitation
PoC
Automatable
no
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
taosdata TDengine < 3.4.1.14
Weakness (CWE)
CWESourceDescription
CWE-125 cna CWE-125: Out-of-bounds Read
CWE-126 cna CWE-126: Buffer Over-read
CVSS scores (1)
ScoreSeverityVersionSourceVector
5.4 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
References (1)
Back to overview