Description
TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version 3.4.1.6 fixes the issue.
Published: 2026-06-10
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an integer underflow in the routine that retrieves user information. An unauthenticated attacker can send a single crafted RPC packet to the taosd server, causing it to crash. The result is a denial of service that disrupts the availability of TDengine services. This flaw originates from improper bounds checking of a data field, classified as CWE-191.

Affected Systems

The affected product is TDengine by TaosData. Versions from 3.4.0.0 to 3.4.1.5 are impacted. Version 3.4.1.6 includes the fix.

Risk and Exploitability

The CVSS score is 7.5, indicating a high severity. No EPSS score is available, so the public exploit probability is unclear. The vulnerability is not listed in CISA’s KEV catalog. An attacker can exploit it remotely without authentication by sending a specially crafted RPC packet to the taosd process. The attack requires network connectivity to the TDengine server and can be performed from any host.

Generated by OpenCVE AI on June 10, 2026 at 22:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade TDengine to version 3.4.1.6 or newer, which contains the integer underflow fix.
  • Restrict network access to the taosd service by configuring firewall rules to allow traffic only from trusted hosts.
  • After applying the update, restart the taosd service to ensure a clean state and confirm services resume operation.
  • Continuously monitor server logs for crash events and investigate any abnormal RPC traffic patterns.

Generated by OpenCVE AI on June 10, 2026 at 22:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 10 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
Description TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version 3.4.1.6 fixes the issue.
Title TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)
Weaknesses CWE-191
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-10T20:32:38.985Z

Reserved: 2026-04-28T16:56:50.190Z

Link: CVE-2026-42542

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-10T22:16:57.527

Modified: 2026-06-10T22:16:57.527

Link: CVE-2026-42542

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-10T23:00:20Z

Weaknesses