Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

DataDog — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting DataDog. AI-powered Chinese analysis, POCs, and references for each vulnerability.

DataDog provides cloud-scale monitoring and security analytics for infrastructure and applications. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. While no major public security incidents have been widely reported, the platform maintains a moderate CVE count with 9 records to date. Security characteristics include its extensive agent-based architecture, which requires careful permission management, and its cloud-native integrations that expand potential attack surfaces. The platform's complexity increases exposure to misconfiguration risks, though its security team typically addresses reported vulnerabilities through timely patches.

Top products by DataDog: guarddog datadog-api-client-java import-in-the-middle dd-trace-cpp datadog-agent dd-trace-java
CVE IDTitleCVSSSeverityPublished
CVE-2026-33728 dd-trace-java: Unsafe deserialization in RMI instrumentation may lead to remote code execution — dd-trace-javaCWE-502 8.1 -2026-03-27
CVE-2026-22871 GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE — guarddogCWE-22 9.8AICriticalAI2026-01-13
CVE-2026-22870 GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS — guarddogCWE-409 7.5AIHighAI2026-01-13
CVE-2025-61667 Datadog Linux Host Agent affected by local privilege escalation due to insufficient pycache permissions — datadog-agentCWE-276 7.8 -2025-11-12
CVE-2024-38525 dd-trace-cpp malformed unicode header values may cause crash — dd-trace-cppCWE-20 7.5 High2024-06-28
CVE-2023-38704 import-in-the-middle allows unsanitized user controlled input in module generation — import-in-the-middleCWE-20 8.1 High2023-08-07
CVE-2022-23531 Arbitrary file write when scanning a specially-crafted local PyPI package — guarddogCWE-23 5.8 Medium2022-12-16
CVE-2022-23530 GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package — guarddogCWE-22 5.8 Medium2022-12-16
CVE-2021-21331 DataDog API Client contains a Local Information Disclosure Vulnerability — datadog-api-client-javaCWE-379 3.0 Low2021-03-03

This page lists every published CVE security advisory associated with DataDog. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.