{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6264", "assignerOrgId": "4ac701fe-44e9-4bcd-9585-dd6449257611", "state": "PUBLISHED", "assignerShortName": "Bugcrowd", "dateReserved": "2026-04-14T01:12:19.962Z", "datePublished": "2026-04-14T01:49:08.920Z", "dateUpdated": "2026-04-14T13:14:17.018Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "4ac701fe-44e9-4bcd-9585-dd6449257611", "shortName": "Bugcrowd", "dateUpdated": "2026-04-14T02:03:18.536Z"}, "title": "Critical Security fix for the Talend JobServer and Talend Runtime", "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "affected": [{"vendor": "Talend", "product": "Talend JobServer", "versions": [{"version": "8.0", "status": "affected", "lessThan": "TPS-6017", "versionType": "custom"}, {"version": "7.3", "status": "affected", "lessThan": "TPS-6018", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Talend", "product": "Talend Runtime", "versions": [{"version": "8.0", "status": "affected", "lessThan": "8.0.1.R2026-01-RT", "versionType": "custom"}, {"version": "7.3", "status": "affected", "lessThan": "7.3.1-R2026-01", "versionType": "custom"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"operator": "OR", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:talend:jobserver:*:*:*:*:*:*:*:*", "versionEndExcluding": "TPS-6017"}, {"vulnerable": true, "criteria": "cpe:2.3:a:talend:esb_runtime:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.1.R2026-01-RT"}]}]}], "descriptions": [{"lang": "en", "value": "A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client authentication for the monitoring port; however, the patch must be applied for full mitigation. For Talend ESB Runtime, the vulnerability can be mitigated by disabling the JobServer JMX monitoring port, which is disabled by default from the R2024-07-RT patch."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "value": "Harpreet Singh (@TheCyb3rAlphaProfession), Security Researcher"}], "references": [{"url": "https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fix-for-the-Qlik-Talend-JobServer-and-Talend/tac-p/2541974"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6264", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T13:07:04.623162Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T13:14:17.018Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6264", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T13:07:04.623162Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T13:08:52.873Z"}}], "cna": {"title": "Critical Security fix for the Talend JobServer and Talend Runtime", "credits": [{"lang": "en", "value": "Harpreet Singh (@TheCyb3rAlphaProfession), Security Researcher"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "Talend", "product": "Talend JobServer", "versions": [{"status": "affected", "version": "8.0", "lessThan": "TPS-6017", "versionType": "custom"}, {"status": "affected", "version": "7.3", "lessThan": "TPS-6018", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Talend", "product": "Talend Runtime", "versions": [{"status": "affected", "version": "8.0", "lessThan": "8.0.1.R2026-01-RT", "versionType": "custom"}, {"status": "affected", "version": "7.3", "lessThan": "7.3.1-R2026-01", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fix-for-the-Qlik-Talend-JobServer-and-Talend/tac-p/2541974"}], "descriptions": [{"lang": "en", "value": "A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client authentication for the monitoring port; however, the patch must be applied for full mitigation. For Talend ESB Runtime, the vulnerability can be mitigated by disabling the JobServer JMX monitoring port, which is disabled by default from the R2024-07-RT patch."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:talend:jobserver:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "TPS-6017"}, {"criteria": "cpe:2.3:a:talend:esb_runtime:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "8.0.1.R2026-01-RT"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "4ac701fe-44e9-4bcd-9585-dd6449257611", "shortName": "Bugcrowd", "dateUpdated": "2026-04-14T02:03:18.536Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6264", "state": "PUBLISHED", "dateUpdated": "2026-04-14T13:14:17.018Z", "dateReserved": "2026-04-14T01:12:19.962Z", "assignerOrgId": "4ac701fe-44e9-4bcd-9585-dd6449257611", "datePublished": "2026-04-14T01:49:08.920Z", "assignerShortName": "Bugcrowd"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client authentication for the monitoring port; however, the patch must be applied for full mitigation. For Talend ESB Runtime, the vulnerability can be mitigated by disabling the JobServer JMX monitoring port, which is disabled by default from the R2024-07-RT patch."}], "id": "CVE-2026-6264", "lastModified": "2026-04-14T03:16:09.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "4ac701fe-44e9-4bcd-9585-dd6449257611", "type": "Secondary"}]}, "published": "2026-04-14T03:16:09.050", "references": [{"source": "4ac701fe-44e9-4bcd-9585-dd6449257611", "url": "https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fix-for-the-Qlik-Talend-JobServer-and-Talend/tac-p/2541974"}], "sourceIdentifier": "4ac701fe-44e9-4bcd-9585-dd6449257611", "vulnStatus": "Received"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[8.0,8.0.1.R2026-01-RT)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[7.3,7.3.1-R2026-01)"}}], "enrichment": {"confidence": 82.0, "confidence_source": "matching", "scores": [{"score": 82.0, "source": "matching"}]}, "original": {"product": "Talend Runtime", "source": "cna", "vendor": "Talend"}, "product": "esb_runtime", "vendor": "talend"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[8.0,TPS-6017)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[7.3,TPS-6018)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Talend JobServer", "source": "cna", "vendor": "Talend"}, "product": "talend_jobserver", "vendor": "talend"}], "analysis": {"en": {"generated_at": "2026-04-14T04:50:47.497956+00:00", "value": {"mitigation_remediation": ["Apply the vendor\u2011released patch (R2024\u201107\u2011RT or equivalent) for Talend JobServer or Talend ESB Runtime as soon as possible.", "If immediate patching is not possible, enable TLS client authentication on the Talend JobServer JMX monitoring port as a temporary measure.", "For Talend ESB Runtime, disable the JMX monitoring port or restrict it to trusted networks."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "All releases of Talend JobServer and Talend ESB Runtime prior to the R2024\u201107\u2011RT update are affected. The patch for JobServer adds TLS client authentication to the JMX monitoring port, while the R2024\u201107\u2011RT patch disables the port by default for the ESB Runtime.", "description_and_impact": "The vulnerability enables an attacker who can reach the Talend JobServer or Talend ESB Runtime\u2019s JMX monitoring port to execute arbitrary code without authentication. This permits full compromise of the host, affecting confidentiality, integrity, and availability.", "risk_and_exploitability": "With a CVSS score of 9.8 the flaw is rated critical. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is the JMX monitoring port, which can be accessed from an external network, making exploitation straightforward and highly likely when the oversight is present."}}}}, "created": "2026-04-14T16:16:04.253339+00:00", "updated": "2026-04-14T16:31:00.995665+00:00", "vendors": ["talend", "talend$PRODUCT$esb_runtime", "talend$PRODUCT$talend_jobserver"], "weaknesses": ["CWE-284", "CWE-287"]}