Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 20 May 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Jaspersoft
Jaspersoft jasperreports Io At-scale Jaspersoft jasperreports Io Professional Jaspersoft jasperreports Library Community Edition Jaspersoft jasperreports Library Professional Jaspersoft jasperreports Server Jaspersoft jasperreports Web Studio Jaspersoft jaspersoft Studio Community Edition Jaspersoft jaspersoft Studio Professional |
|
| Vendors & Products |
Jaspersoft
Jaspersoft jasperreports Io At-scale Jaspersoft jasperreports Io Professional Jaspersoft jasperreports Library Community Edition Jaspersoft jasperreports Library Professional Jaspersoft jasperreports Server Jaspersoft jasperreports Web Studio Jaspersoft jaspersoft Studio Community Edition Jaspersoft jaspersoft Studio Professional |
Tue, 19 May 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 19 May 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution (RCE), potentially allowing code execution on the affected system | |
| Title | Jaspersoft Library Deserialisation Vulnerability | |
| Weaknesses | CWE-502 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
Status: PUBLISHED
Assigner: Jaspersoft
Published:
Updated: 2026-05-20T03:55:41.132Z
Reserved: 2026-04-09T14:16:26.621Z
Link: CVE-2026-6009
Updated: 2026-05-19T17:54:52.611Z
Status : Awaiting Analysis
Published: 2026-05-19T18:16:29.613
Modified: 2026-06-17T11:00:09.417
Link: CVE-2026-6009
No data.
OpenCVE Enrichment
Updated: 2026-05-20T10:39:09Z