Unity Linux 20.1060e / 20.1070e Security Update: mybatis (UTSA-2026-016634)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016634 advisory. MyBatis before 3.5.6 mishandles deserialization of object streams. Tenable has extracted the preceding description block directly from the Unity Linux security...

CVE-2026-7060

A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupicturebackend/service/impl/PictureServiceImpl.java of the component MyBatis-Plus. Executing a...

EUVD-2026-25730

A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupicturebackend/service/impl/PictureServiceImpl.java of the component MyBatis-Plus. Executing a...

CVE-2026-7060 liyupi yu-picture MyBatis-Plus PictureServiceImpl.java PageRequest sql injection

A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupicturebackend/service/impl/PictureServiceImpl.java of the component MyBatis-Plus. Executing a...

CVE-2026-7060

Technical details (affected versions, exact file paths, patch info) are not publicly available in the provided documents. Monitor for updates.

yu-picture 注入漏洞

Yu-Picture is an intelligent cloud image library platform developed by Liyupi’s individual developers, designed for team collaboration. Yu-Picture has a vulnerability related to injection attacks. This vulnerability stems from improper handling of the sortField parameter in the PageRequest functi...

PT-2026-35240

A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupicturebackend/service/impl/PictureServiceImpl.java of the component MyBatis-Plus. Executing a...

production_ssm 安全漏洞

productionssm is an ERP system developed by MegaGao’s individual developers, utilizing technologies such as Spring+SpringMVC+Mybatis, along with jQuery EasyUI. Version 1.0 of productionssm contains a security vulnerability. This vulnerability stems from the authorization bypass that occurs when...

forest 代码注入漏洞

Forest is a modern knowledge community backend project developed by RYMCU. It is implemented using SpringBoot, Shiro, MyBatis, JWT, and Redis. Versions of Forest 0.0.5 and earlier have a code injection vulnerability. This vulnerability stems from incorrect operations in the updateUserInfo functio...

EUVD-2019-13211

Malware in sbrugna...

EUVD-2021-0863

Malware in sbrugna...

EUVD-2022-30180

Malicious code in bioql PyPI...

EUVD-2025-13429

Malicious code in bioql PyPI...

EUVD-2023-1166

Malicious code in bioql PyPI...

EUVD-2024-35359

Malicious code in bioql PyPI...

EUVD-2022-5500

Malicious code in bioql PyPI...

CicadasCMS 代码注入漏洞

CicadasCMS is a content management framework based on SpringBoot Mybatis SpringSecurity Vue developed by westboy individual developers in China. A code injection vulnerability exists in CicadasCMS version 1.0, which originates from the incorrect operation of the parameter categoryName in the file...

openSUSE Security Advisory (SUSE-SU-2025:03285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : mybatis, ognl (SUSE-SU-2025:03285-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:03285-1 advisory. Version update to 3.5.7: Bug fixes: - Improved performance under JDK 8. 2223 Version update to 3.5.8: List of changes: - Avoid NullPointerException when...

Security update for mybatis, ognl

This update for mybatis, ognl fixes the following issues: Version update to 3.5.7: Bug fixes: Improved performance under JDK 8. 2223 Version update to 3.5.8: List of changes: Avoid NullPointerException when mapping an empty string to java.lang.Character. 2368 Fixed an incorrect argument when...