Talend Esb Runtime
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Talend Esb Runtime.
By the Year
In 2026 there have been 1 vulnerability in Talend Esb Runtime with an average score of 9.8 out of ten. Esb Runtime did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 9.80 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.20 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 9.10 |
It may take a day or so for new Esb Runtime vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Talend Esb Runtime Security Vulnerabilities
Talend JobServer RCE via unauth JMX Monitoring Port
CVE-2026-6264
9.8 - Critical
- April 14, 2026
A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client authentication for the monitoring port; however, the patch must be applied for full mitigation. For Talend ESB Runtime, the vulnerability can be mitigated by disabling the JobServer JMX monitoring port, which is disabled by default from the R2024-07-RT patch.
SQLi in Talend ESB Runtime provisioning service pre-8.0.1/7.3.1
CVE-2022-45589
7.2 - High
- February 06, 2023
All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use it in place of the previous version.
SQL Injection
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which
CVE-2021-40684
9.1 - Critical
- September 22, 2021
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Talend Esb Runtime or by Talend? Click the Watch button to subscribe.
