67 matches found
CVE-2026-2141
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...
CVE-2026-2141
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...
CVE-2026-2141
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...
CVE-2026-2141 WuKongOpenSource WukongCRM URL PermissionServiceImpl.java improper authorization
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...
CVE-2026-2141
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...
EUVD-2026-5807
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...
CVE-2026-2141
CVE-2026-2141 affects WuKongOpenSource WukongCRM up to 11.3.3. The vulnerability is in the URL Handler portion, specifically gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java, where a manipulation leads to improper authorization. Remote exploitation is possible, a...
CVE-2026-2141 WuKongOpenSource WukongCRM URL PermissionServiceImpl.java improper authorization
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...
WukongCRM 授权问题漏洞
WukongCRM is a Customer Relationship Management CRM system developed by Wukong Corporation in China. Versions of WukongCRM 11.3.3 and earlier contained an authorization vulnerability. This vulnerability stemmed from incorrect handling of a file in the component’s URL Handler, specifically the...
PT-2026-6968
Name of the Vulnerable Software and Affected Versions WuKongOpenSource WukongCRM versions through 11.3.3 Description A security flaw exists in WuKongOpenSource WukongCRM, specifically within the URL Handler component. The issue resides in the file...
CVE-2025-60828
WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...
CVE-2025-60828
WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...
CVE-2025-60828
WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...
CVE-2025-60828
CVE-2025-60828 affects WukongCRM-9.0-JAVA through a fastjson deserialization vulnerability at the /OaExamine/setOaExamine endpoint. According to the NVD entry, the CVSSv3.1 base score is 6.5 (Medium): Network attack vector, no authentication required, user interaction not needed, with Confidentia...
CVE-2025-60828
WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...
CVE-2025-60828
WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...
PT-2025-41259
Name of the Vulnerable Software and Affected Versions WukongCRM version 9.0-JAVA Description The software contains a fastjson deserialization issue through the /OaExamine/setOaExamine API endpoint. The vulnerability is triggered via this interface. Recommendations At the moment, there is no...
EUVD-2025-33170
WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...
EUVD-2025-17470
Malicious code in bioql PyPI...
EUVD-2024-52735
Malicious code in bioql PyPI...