Primary

Context

Talend JobServer and Talend Runtime Remote Code Execution Vulnerability

Vulnerability

Patched

A critical vulnerability allowing unauthenticated remote code execution has been identified in Talend JobServer versions prior to 8.0 (TPS-6017) and Talend Runtime versions prior to 8.0.1.R2026-01-RT or 7.3.1-R2026-01. The vulnerability arises from the JMX monitoring port, which can be exploited to execute arbitrary code on the server.

Impact

Exploitation of this vulnerability allows for full remote code execution on the affected Talend JobServer or Talend Runtime server.

Remediation

Users of Talend JobServer should upgrade to version 8.0 (TPS-6017) or 7.3 (TPS-6018). Talend Runtime users should upgrade to version 8.0.1.R2026-01-RT or 7.3.1-R2026-01.

Added: Apr 14, 2026, 3:20 AM

Updated: Apr 14, 2026, 3:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.4

remediation

7.9

relevance

5.9

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.4

remediation

7.9

relevance

5.9

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Talend JobServer and Talend Runtime Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Qlik Talend Runtime

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating