CVE-2025-26866 — A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserialization within the PD store. The fix enforces IP-based authentication to restrict cluster — CVE Database · The Intelligence Room