CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Nuclei•added 2026/02/04 7:0 a.m.•65 views

SpringBlade - Information Leakage

SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a SpringCloud distributed microservice architecture and a SpringBoot monolithic microservice architecture. The SpringBlade framework has a default SIGNKEY, which can be exploited by...

6.7AI score

Exploits0References1

RedhatCVE•added 2026/01/27 3:20 a.m.•2 views

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

9.9CVSS5.9AI score0.00022EPSS

Exploits0References1

RedhatCVE•added 2026/01/27 3:20 a.m.•4 views

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

OSV•added 2026/01/26 5:16 p.m.•0 views

Exploits1References1

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

9.9CVSS5.5AI score

NVD•added 2026/01/26 5:16 p.m.•2 views

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

9.9CVSS0.00066EPSS

Vulnrichment•added 2026/01/26 12:0 a.m.•5 views

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

5.9AI score0.00066EPSS

Cvelist•added 2026/01/26 12:0 a.m.•24 views

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

0.00066EPSS

Positive Technologies•added 2026/01/26 12:0 a.m.•3 views

PT-2026-4774

Name of the Vulnerable Software and Affected Versions SpringBlade version 4.5.0 Description A flaw exists in the importUser function that allows attackers with limited privileges to import sensitive user data without proper authorization. The issue is due to incorrect access control...

CNNVD•added 2026/01/26 12:0 a.m.•1 views

Exploits1References8

SpringBlade security vulnerabilities

SpringBlade is a microservices development platform developed by Blade China. Version 4.5.0 of SpringBlade contains a security vulnerability. This vulnerability stems from improper access control in the importUser function, which may allow arbitrary import of sensitive user data...

CVE•added 2026/01/26 12:0 a.m.•8 views

CVE-2025-70982

CVE-2025-70982 affects SpringBlade v4.5.0 and stems from incorrect access control in the importUser function , enabling attackers with low-level privileges to arbitrarily import sensitive user data. The CVE is rated CRITICAL (CVSS 3.1: 9.9) with vectors: AV=N/AC=L/PR=L/UI=N/S=C/C=H/I=H/A=H. Impac...

Exploits1References3Affected Software1

ATTACKERKB•added 2026/01/26 12:0 a.m.•1 views

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

EUVD•added 2026/01/26 12:0 a.m.•4 views

Exploits1References4

EUVD-2025-206355

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

NVD•added 2026/01/23 7:15 p.m.•2 views

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

9.9CVSS0.00022EPSS

OSV•added 2026/01/23 7:15 p.m.•1 views

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

9.9CVSS5.5AI score

CVE•added 2026/01/23 12:0 a.m.•5 views

CVE-2025-70983

CVE-2025-70983 affects SpringBlade v4.5.0. A flaw in the authRoutes function implements incorrect access control, enabling attackers with low privileges to escalate to high privileges. Sources from multiple trackers (Red Hat, NVD, CVE lists, PT-Group) corroborate the description. The publicly sta...

9.9CVSS5.4AI score0.00022EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/01/23 12:0 a.m.•3 views

PT-2026-4522

Name of the Vulnerable Software and Affected Versions SpringBlade version 4.5.0 Description A flaw exists in the authRoutes function that allows attackers with limited privileges to gain higher-level access. The issue is related to incorrect access control within this function. Recommendations...

9.9CVSS5.3AI score0.00022EPSS

Exploits0References6

Cvelist•added 2026/01/23 12:0 a.m.•23 views

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

0.00022EPSS