Back to search
CVE-2026-35052
Published: Apr 6, 2026
Modified: Apr 7, 2026
PUBLISHED
Description
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to 3.22.0, users hosting D-Tale publicly while using a redis or shelf storage layer could be vulnerable to remote code execution allowing attackers to run malicious code on the server. This vulnerability is fixed in 3.22.0.
| Vendor | Product | Versions |
|---|---|---|
man-group | dtale | affected < 3.22.0 |
Weaknesses (CWE)
References
https://github.com/man-group/dtale/security/advisories/GHSA-436g-fhfc-9g5w
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now