CVE-2026-6264
Published: 14 April 2026
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2026-6264 is a critical vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) in the Talend JobServer and Talend Runtime that enables unauthenticated remote code execution via the JMX monitoring port. Published on 2026-04-14, the flaw affects the JMX monitoring port of the Talend JobServer specifically, allowing attackers to execute arbitrary code on affected systems.
Unauthenticated remote attackers can exploit this vulnerability over the network with low complexity and no privileges or user interaction required. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, potentially leading to full system compromise.
The official advisory recommends mitigation for Talend JobServer by requiring TLS client authentication on the monitoring port, though a patch is required for complete protection. For Talend ESB Runtime, disabling the JobServer JMX monitoring port mitigates the issue, and it is disabled by default starting from the R2024-07-RT patch. Details are available at https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fix-for-the-Qlik-Talend-JobServer-and-Talend/tac-p/2541974.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CVE-2026-6264 enables unauthenticated remote code execution via an exposed JMX monitoring port on a network-accessible service, directly mapping to T1190 (Exploit Public-Facing Application).