16 matches found

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-31176

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 4.1 · EPSS 0.00038
Exploits 1 · References 5

CNVD
added 2025/09/28 12:0 a.m. · 1 view

JeecgBoot Authorization Issues Vulnerability (CNVD-2025-23073)

JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...

CVSS 5.3 · AI score 7 · EPSS 0.00038
Exploits 1 · References 1

RedhatCVE
added 2025/09/26 10:39 p.m. · 6 views

CVE-2025-10977

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...

CVSS 5.3 · AI score 6.2 · EPSS 0.00038
Exploits 1 · References 1

NVD
added 2025/09/25 11:15 p.m. · 3 views

CVE-2025-10977

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...

CVSS 5.3 · EPSS 0.00038
Exploits 1 · References 4

OSV
added 2025/09/25 11:15 p.m. · 2 views

CVE-2025-10977

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...

CVSS 5.3 · AI score 6.3
Exploits 0 · References 4

CVE
added 2025/09/25 10:32 p.m. · 14 views

CVE-2025-10977

CVE-2025-10977 affects JeecgBoot up to version 3.8.2. Affected is an unknown function in the file /sys/tenant/deleteBatch where manipulation of the ids argument leads to improper authorization. The vulnerability can be exploited remotely and is described with high attack complexity; exploits are ...

CVSS 5.3 · AI score 4 · EPSS 0.00038
Exploits 1 · References 4 · Affected Software 1

Cvelist
added 2025/09/25 10:32 p.m. · 5 views

CVE-2025-10977 JeecgBoot deleteBatch improper authorization

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...

CVSS 3.1 · EPSS 0.00038
Exploits 1 · References 4

Positive Technologies
added 2025/09/25 12:0 a.m. · 2 views

PT-2025-39461

Name of the Vulnerable Software and Affected Versions: JeecgBoot versions up to 3.8.2 Description: A flaw exists in JeecgBoot that allows for improper authorization. This is due to the manipulation of the ids argument within an unknown function of the /sys/tenant/deleteBatch file. The attack can be...

CVSS 5.3 · AI score 3.5 · EPSS 0.00038
Exploits 1 · References 8

CNNVD
added 2025/09/25 12:0 a.m. · 1 view

JeecgBoot Authorization Issues Vulnerability

JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...

CVSS 5.3 · AI score 6.9 · EPSS 0.00038
Exploits 1 · References 4

RedhatCVE
added 2025/08/13 10:33 a.m. · 3 views

CVE-2025-8840

A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...

CVSS 8.1 · AI score 7.3 · EPSS 0.00412
Exploits 2 · References 1

NVD
added 2025/08/11 10:15 a.m. · 1 view

CVE-2025-8840

A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...

CVSS 5.5 · EPSS 0.00092
Exploits 1 · References 5

OSV
added 2025/08/11 10:15 a.m. · 2 views

CVE-2025-8840

A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...

CVSS 5.3 · AI score 6.9
Exploits 0 · References 5

CVE
added 2025/08/11 9:32 a.m. · 18 views

CVE-2025-8840

Summary (CVE-2025-8840, jshERP): Up to version 3.5, jshERP’s Endpoint component exposes an authorization flaw in the file /jshERP-boot/user/deleteBatch where manipulation of the argument ids enables a remote attack. Public exploit disclosure is noted. Several sources corroborate an improper autho...

CVSS 5.5 · AI score 7.2 · EPSS 0.00092
Exploits 1 · References 5 · Affected Software 1

Vulnrichment
added 2025/08/11 9:32 a.m. · 1 view

CVE-2025-8840 jshERP Endpoint deleteBatch improper authorization

A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...

CVSS 5.5 · AI score 7.2 · EPSS 0.00092
Exploits 1 · References 5

CNNVD
added 2025/08/11 12:0 a.m. · 2 views

jshERP Security Vulnerability

jshERP Huaxia ERP is a homegrown ERP system by the individual developer of Ji Sheng Hua in China. A security vulnerability exists in jshERP Huaxia ERP version 3.5 and earlier, which originates from an authorization flaw due to improper handling of parameter ids in file /jshERP-boot/user/deleteBat...

CVSS 5.5 · AI score 5.5 · EPSS 0.00092
Exploits 1 · References 6

Positive Technologies
added 2025/08/11 12:0 a.m. · 2 views

PT-2025-32534 · Jsherp · Jsherp

Name of the Vulnerable Software and Affected Versions: jshERP versions prior to 3.6 Description: A vulnerability exists in jshERP up to version 3.5. An unknown function within the file /jshERP-boot/user/deleteBatch of the Endpoint component is affected. Manipulation of the argument ids leads to...

CVSS 5.5 · AI score 5.3 · EPSS 0.00092
Exploits 1 · References 10