- CVE-2024-56180: Apache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code execution
- CVE-2025-27103: Dataease Mysql JDBC Connection Parameters Not Verified Leads to Arbitrary File Read Vulnerability​
- CVE-2025-46566: Dataease redshift JDBC Connection Remote Code Execution
- CVE-2025-27526: Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass
- CVE-2025-27528: Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read