Lucene search
K

67 matches found

RedhatCVE
RedhatCVE
added 2026/02/09 7:23 p.m.9 views

CVE-2026-2141

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

8.8CVSS5AI score0.00362EPSS
Exploits1References1
OSV
OSV
added 2026/02/08 8:15 a.m.5 views

CVE-2026-2141

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

8.8CVSS5.3AI score0.00362EPSS
Exploits1References4
NVD
NVD
added 2026/02/08 8:15 a.m.8 views

CVE-2026-2141

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

8.8CVSS0.00362EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/08 7:32 a.m.31 views

CVE-2026-2141 WuKongOpenSource WukongCRM URL PermissionServiceImpl.java improper authorization

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

6.5CVSS0.00362EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/08 7:32 a.m.5 views

CVE-2026-2141

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

6.5CVSS6AI score0.00362EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/02/08 7:32 a.m.8 views

EUVD-2026-5807

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

6.5CVSS6AI score0.00362EPSS
Exploits1References4
CVE
CVE
added 2026/02/08 7:32 a.m.27 views

CVE-2026-2141

CVE-2026-2141 affects WuKongOpenSource WukongCRM up to 11.3.3. The vulnerability is in the URL Handler portion, specifically gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java, where a manipulation leads to improper authorization. Remote exploitation is possible, a...

8.8CVSS6.1AI score0.00362EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/08 7:32 a.m.5 views

CVE-2026-2141 WuKongOpenSource WukongCRM URL PermissionServiceImpl.java improper authorization

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

6.5CVSS6AI score0.00362EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.14 views

WukongCRM 授权问题漏洞

WukongCRM is a Customer Relationship Management CRM system developed by Wukong Corporation in China. Versions of WukongCRM 11.3.3 and earlier contained an authorization vulnerability. This vulnerability stemmed from incorrect handling of a file in the component’s URL Handler, specifically the...

8.8CVSS6.6AI score0.00362EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.12 views

PT-2026-6968

Name of the Vulnerable Software and Affected Versions WuKongOpenSource WukongCRM versions through 11.3.3 Description A security flaw exists in WuKongOpenSource WukongCRM, specifically within the URL Handler component. The issue resides in the file...

8.8CVSS6.4AI score0.00679EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2025/10/09 12:14 a.m.8 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

6.5CVSS7.3AI score0.00326EPSS
Exploits1References1
NVD
NVD
added 2025/10/08 2:15 p.m.12 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

6.5CVSS0.00326EPSS
Exploits1References2
OSV
OSV
added 2025/10/08 2:15 p.m.2 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

6.5CVSS5.8AI score0.00326EPSS
Exploits1References2
CVE
CVE
added 2025/10/08 12:0 a.m.20 views

CVE-2025-60828

CVE-2025-60828 affects WukongCRM-9.0-JAVA through a fastjson deserialization vulnerability at the /OaExamine/setOaExamine endpoint. According to the NVD entry, the CVSSv3.1 base score is 6.5 (Medium): Network attack vector, no authentication required, user interaction not needed, with Confidentia...

6.5CVSS7AI score0.00326EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.8 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

0.00326EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/08 12:0 a.m.4 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

7AI score0.00326EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/08 12:0 a.m.8 views

PT-2025-41259

Name of the Vulnerable Software and Affected Versions WukongCRM version 9.0-JAVA Description The software contains a fastjson deserialization issue through the /OaExamine/setOaExamine API endpoint. The vulnerability is triggered via this interface. Recommendations At the moment, there is no...

6.5CVSS6.6AI score0.00326EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/08 12:0 a.m.7 views

EUVD-2025-33170

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

6.5CVSS6.8AI score0.00326EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-17470

Malicious code in bioql PyPI...

5.1CVSS4.8AI score0.00247EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-52735

Malicious code in bioql PyPI...

9.8CVSS8.8AI score0.00675EPSS
Exploits0References2
Rows per page
Query Builder