CVE-2026-24015: Apache IoTDB has an Insecure Default Configuration Vulnerability

Severity: Critical

CVSS Score: 9.8

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.