{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24816", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-01-27T08:48:56.893Z", "datePublished": "2026-01-27T08:53:03.785Z", "dateUpdated": "2026-01-27T20:39:27.760Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/datavane/tis", "defaultStatus": "unaffected", "modules": ["tis-console/src/main/java/com/qlangtech/tis/runtime/module/action"], "product": "tis", "programFiles": ["ChangeDomainAction.java"], "vendor": "datavane", "versions": [{"lessThan": "v4.3.0", "status": "affected", "version": "0", "versionType": "git"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules).<p> This vulnerability is associated with program files <tt>ChangeDomainAction.Java</tt>.</p><p>This issue affects tis: before v4.3.0.</p>"}], "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java.\n\nThis issue affects tis: before v4.3.0."}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "PRESENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 10, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/S:P/AU:Y/R:U/V:C/RE:M/U:Red", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-835", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:53:03.785Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/datavane/tis/pull/444"}], "source": {"discovery": "UNKNOWN"}, "title": "Cookie Security Vulnerabilities in datavane/tis", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T20:39:15.753677Z", "id": "CVE-2026-24816", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T20:39:27.760Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24816", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-27T20:39:15.753677Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T20:39:24.032Z"}}], "cna": {"title": "Cookie Security Vulnerabilities in datavane/tis", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "PRESENT", "version": "4.0", "Recovery": "USER", "baseScore": 10, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/S:P/AU:Y/R:U/V:C/RE:M/U:Red", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "RED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "datavane", "modules": ["tis-console/src/main/java/com/qlangtech/tis/runtime/module/action"], "product": "tis", "versions": [{"status": "affected", "version": "0", "lessThan": "v4.3.0", "versionType": "git"}], "programFiles": ["ChangeDomainAction.java"], "collectionURL": "https://github.com/datavane/tis", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/datavane/tis/pull/444", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java.\n\nThis issue affects tis: before v4.3.0.", "supportingMedia": [{"type": "text/html", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules).<p> This vulnerability is associated with program files <tt>ChangeDomainAction.Java</tt>.</p><p>This issue affects tis: before v4.3.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-835", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:53:03.785Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24816", "state": "PUBLISHED", "dateUpdated": "2026-01-27T20:39:27.760Z", "dateReserved": "2026-01-27T08:48:56.893Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-01-27T08:53:03.785Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java.\n\nThis issue affects tis: before v4.3.0."}, {"lang": "es", "value": "Vulnerabilidad de bucle con condici\u00f3n de salida inalcanzable ('Bucle Infinito') en datavane tis (m\u00f3dulos tis-console/src/main/java/com/qlangtech/tis/runtime/module/action). Esta vulnerabilidad est\u00e1 asociada con los archivos de programa ChangeDomainAction.Java.\n\nEste problema afecta a tis: antes de la v4.3.0."}], "id": "CVE-2026-24816", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "PRESENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:C/RE:M/U:Red", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}, "published": "2026-01-27T09:15:52.110", "references": [{"source": "cve_disclosure@tech.gov.sg", "url": "https://github.com/datavane/tis/pull/444"}], "sourceIdentifier": "cve_disclosure@tech.gov.sg", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T02:21:21.900210+00:00", "value": {"mitigation_remediation": ["Upgrade to datavane/tis version 4.3.0 or later to remove the infinite loop code", "If an upgrade is not immediately possible, disable or block access to the ChangeDomainAction endpoint to prevent execution of the vulnerable loop", "Apply a temporary code patch that adds a safe termination condition in the loop before deploying the official update"], "summary": {"action": "Immediate Patch", "impact": "Denial of Service (Infinite Loop)"}, "threat_synthesis": {"affected_systems": "The circular loop originates in the datavane/tis application, specifically before version 4.3.0. Any installations of datavane:tis older than 4.3.0 are susceptible. The affected module resides in the tis-console/src/main/java/com/qlangtech/tis/runtime/module/action directories and is associated with the ChangeDomainAction.Java source file.", "description_and_impact": "The vulnerability is a loop with an unreachable exit condition in the ChangeDomainAction module of datavane/tis. This causes an infinite loop when the affected action is executed, which can exhaust CPU or memory resources and make the application unresponsive. The weakness is categorized as CWE-835, indicating that the program never reaches a termination point during normal operation. The primary impact is a denial of service that can affect all users of the affected instance.", "risk_and_exploitability": "The CVSS score for this issue is 10, indicating critical severity. The EPSS score is less than 1%, meaning the likelihood of exploitation is very low at present, and it is not listed in the CISA KEV catalog. The likely attack vector is a user action that triggers the domain change logic, such as submitting a request to the change domain endpoint. An attacker who can invoke this action could force the application into an endless loop, causing service disruption. The low EPSS score suggests that exploitation may not yet be observed in the wild, but the critical severity requires immediate attention."}}}}, "created": "2026-01-27T20:16:54.410901+00:00", "updated": "2026-04-18T02:30:15.861462+00:00", "vendors": ["datavane", "datavane$PRODUCT$tis"]}