Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/02/21 7:26 a.m.5 views

CVE-2026-2819

A vulnerability was identified in Dromara RuoYi-Vue-Plus up to 5.5.3. This vulnerability affects the function SaServletFilter of the file /workflow/instance/deleteByInstanceIds of the component Workflow Module. The manipulation leads to missing authorization. The attack may be initiated remotely...

6.5CVSS6.1AI score0.00253EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 1:32 a.m.4 views

CVE-2026-2819

A vulnerability was identified in Dromara RuoYi-Vue-Plus up to 5.5.3. This vulnerability affects the function SaServletFilter of the file /workflow/instance/deleteByInstanceIds of the component Workflow Module. The manipulation leads to missing authorization. The attack may be initiated remotely...

6.5CVSS5.2AI score0.00253EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/02/20 1:32 a.m.25 views

CVE-2026-2819

The CVE concerns Dromara RuoYi-Vue-Plus (up to 5.5.3) with a flaw in the Workflow Module’s SaServletFilter handling the endpoint /workflow/instance/deleteByInstanceIds. The root cause is missing authorization, enabling a remote attacker to manipulate workflow instances. The description states the...

6.5CVSS5.2AI score0.00253EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/02 6:20 p.m.20 views

CVE-2025-6925

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...

6.9CVSS7AI score0.00864EPSS
Exploits1References1
NVD
NVD
added 2025/06/30 6:15 p.m.9 views

CVE-2025-6925

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...

9.1CVSS0.00864EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/30 6:2 p.m.13 views

CVE-2025-6925 Dromara RuoYi-Vue-Plus Mail MailController.java path traversal

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...

6.9CVSS0.00864EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/06/30 6:2 p.m.5 views

CVE-2025-6925 Dromara RuoYi-Vue-Plus Mail MailController.java path traversal

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...

6.9CVSS5.3AI score0.00864EPSS
Exploits1References5
OSV
OSV
added 2025/06/30 6:2 p.m.4 views

CVE-2025-6925 Dromara RuoYi-Vue-Plus Mail MailController.java path traversal

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...

6.9CVSS5.7AI score0.00864EPSS
Exploits1References7
CVE
CVE
added 2025/06/30 6:2 p.m.30 views

CVE-2025-6925

The CVE-2025-6925 entry affects Dromara RuoYi-Vue-Plus 5.4.0. The Mail Handler’s MailController.java exposes a vulnerability via manipulation of the filePath argument, causing path traversal. The issue is exploitable remotely and has publicly disclosed proof-of-concept information; vendor respons...

9.1CVSS5.3AI score0.00864EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.4 views

PT-2025-27469 · Dromara · Dromara Ruoyi-Vue-Plus

Name of the Vulnerable Software and Affected Versions: Dromara RuoYi-Vue-Plus version 5.4.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The...

6.9CVSS7AI score0.00864EPSS
Exploits1References8
Rows per page
Query Builder