CVE-2026-4285

A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/Pdf2MdUtil.java. Such...

CVE-2026-4285

A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/Pdf2MdUtil.java. Such...

easegen-admin 路径遍历漏洞

easegen-admin is a digital human course creation platform developed by taoofagi. Easegen-admin has a path traversal vulnerability, which stems from incorrect handling of the parameter fileUrl in the file...

CVE-2026-4285

CVE-2026-4285 affects taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. The vulnerable component is the function recognizeMarkdown in Pdf2MdUtil.java (yudao-module-digitalcourse-biz). The root cause is manipulation of the fileUrl argument, leading to a path traversal vulnerab...

CVE-2026-4284

CVE-2026-4284 affects taoofagi easegen-admin (up to commit 8f87936ac774065b92fb20aab55b274a6ea76433) with a vulnerability in PPT File Handler: PPTUtil.java, function downloadFile. Malicious manipulation of the url argument enables server-side request forgery (SSRF) and can be triggered remotely. ...