{"id":76069,"date":"2025-09-22T14:28:24","date_gmt":"2025-09-22T14:28:24","guid":{"rendered":""},"modified":"2025-10-05T06:15:36","modified_gmt":"2025-10-05T12:15:36","slug":"cve-2025-58748-critical-remote-code-execution-vulnerability-in-dataease-software","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-58748-critical-remote-code-execution-vulnerability-in-dataease-software\/","title":{"rendered":"CVE-2025-58748: Critical Remote Code Execution Vulnerability in Dataease Software<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

Dataease, a popular open-source data analytics and visualization platform, has been identified to contain a critical security vulnerability (CVE-2025-58748) that could expose systems to remote code execution. This vulnerability, present in versions up to 2.10.12, has far-reaching implications, threatening the security and integrity of data and systems where the application is deployed.
\nThe severity of the issue is underscored by the potential for system<\/a> compromise and data leakage, which could lead to significant operational disruption and financial loss for affected organizations. As such, this vulnerability warrants immediate attention and remediation.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-58748
\nSeverity: Critical (9.8\/10)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Remote Code Execution<\/a>, Potential System Compromise, Data Leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n