THREATOPS
THREAT OPSThreat News › CVE-2026-40454: Apache IoTDB C++ client: Out-of-bounds reads in C++ client TsBlock deserializer crash client process on malformed server data

CVE-2026-40454: Apache IoTDB C++ client: Out-of-bounds reads in C++ client TsBlock deserializer crash client process on malformed server data

lowoss_secPublished 2026-07-10

<p>Posted by Haonan Hou on Jul 10</p>Severity: moderate <br /> <br /> Affected versions:<br /> <br /> - Apache IoTDB C++ client (client-cpp) 1.3.5 before 1.3.8<br /> - Apache IoTDB C++ client (client-cpp) 2.0.5 before 2.0.10<br /> <br /> Description:<br /> <br /> Out-of-bounds Read, Improper Input Validation vulnerability in Apache IoTDB C++ client.<br /> Out-of-bounds reads in IoTDB C++ client Ts

Indicators of compromise

Original source: https://seclists.org/oss-sec/2026/q3/118