22 matches found
CVE-2026-9498
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...
CVE-2026-9498
Technical details are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-31733
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...
CVE-2026-9498
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...
CVE-2026-9498 Dromara lamp-cloud Message Template GroovyClassLoader.parseClass special elements used in a template engine
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...
Dromara Lamp-Cloud 安全漏洞
Dromara Lamp-Cloud is dromara open source based on Jdk11 SpringCloud SpringBoot development of microservices in the backend rapid development platform . Dromara lamp-cloud 5.6.2 and earlier versions of a security vulnerability , the vulnerability stems from the Message Template Handler component ...
PT-2026-43117
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...
EUVD-2026-19007
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...
CVE-2026-5529
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...
CVE-2026-5529 Dromara lamp-cloud DefUserController pageUser improper authorization
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...
CVE-2026-5529
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...
Dromara Lamp-Cloud 授权问题漏洞
Dromara Lamp-Cloud is an open-source rapid development platform for microservices, built using Jdk11, SpringCloud, and SpringBoot. Versions of Dromara Lamp-Cloud 5.8.1 and earlier have a licensing issue vulnerability, which stems from improper authorization in the pageUser function...
EUVD-2023-3064
Malicious code in bioql PyPI...
GHSA-XR8C-MQ5X-5F56 Dromara Lamp-Cloud Use of Hard-coded Cryptographic Key
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...
Dromara Lamp-Cloud Use of Hard-coded Cryptographic Key
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...
CVE-2023-31579
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...
CVE-2023-31579
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...
Hardcoded credentials
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...
CVE-2023-31579
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...
CVE-2023-31579
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...