Browse all 3 CVE security advisories affecting Talend. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Talend is an open-source data integration platform used for ETL processes, data quality management, and application integration. Historically, common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. The platform has faced security incidents, including a 2020 vulnerability (CVE-2020-11635) allowing remote code execution through the REST API. With three current CVEs, Talend's security posture remains a concern, particularly for organizations relying on its data integration capabilities without implementing hardening measures. Regular patching and secure configuration are critical to mitigating risks associated with these vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6264 | Critical Security fix for the Talend JobServer and Talend Runtime — Talend JobServer | 9.8 | Critical | 2026-04-14 |
| CVE-2021-4311 | Talend Open Studio for MDM XML xml external entity reference — Open Studio for MDMCWE-611 | 5.5 | Medium | 2023-01-09 |
| CVE-2022-4818 | Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference — Open Studio for MDMCWE-611 | 5.5 | Medium | 2022-12-28 |
This page lists every published CVE security advisory associated with Talend. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.