
ChanCMS CVE-2025-8226

LOW 2.1 (CVSS 4.0 · NVD)
Information Exposure (CWE-200)
2025-07-27 · cna@vuldb.com

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

1
Analysis Generated
Apr 29, 2026 - 01:50 vuln.today

Description (CVE.org)

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been classified as problematic. Affected is an unknown function of the file /sysApp/find. The manipulation of the argument accessKey/secretKey leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. It is recommended to upgrade the affected component.

Analysis (AI)

ChanCMS up to version 3.1.2 permits information disclosure through improper validation of the accessKey and secretKey parameters in the /sysApp/find endpoint, allowing authenticated remote attackers to access sensitive data. The low CVSS score of 2.1 (CVSS:4.0/AV:N/AC:L/PR:L) reflects the limited confidentiality impact and the requirement for low-privilege authentication. Exploit code is publicly available, but the exploitation probability is extremely low (EPSS 0.09%), which suggests a narrow-scope, low-urgency issue despite public disclosure.

Technical Context (AI)

ChanCMS is a content management system where the /sysApp/find endpoint improperly handles accessKey and secretKey parameters without sufficient validation or access controls. The vulnerability stems from CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), indicating that sensitive data is accessible to users who should not have permission to view it. The attack vector is network-based (AV:N) with low complexity (AC:L), meaning no special tooling or timing is required, but successful exploitation requires valid user credentials (PR:L), limiting the attack surface to authenticated users with at least basic application access.

Remediation (AI)

Upgrade ChanCMS to version 3.1.3 or later immediately to address this vulnerability. This is the primary and recommended fix confirmed by the vendor. For environments unable to upgrade immediately, apply the following compensating controls: restrict access to the /sysApp/find endpoint using network access controls (firewall rules, reverse proxy ACLs) so that it is reachable only by authenticated users who have a legitimate business need for it; validate and sanitize all accessKey and secretKey parameters server-side before processing; and implement robust logging and monitoring of requests to this endpoint to detect exploitation attempts. These compensating controls do not eliminate the vulnerability, but they reduce the likelihood of unauthorized information disclosure until patching is completed. Refer to the vendor advisory and Gitee issue (https://gitee.com/yanyutao0402/ChanCMS/issues/ICLP9V) for technical details and upgrade procedures.
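The monitoring control described above can be sketched as a log review script; this is an added example, not code from vuln.today or the ChanCMS project. It assumes a reverse proxy writing nginx/Apache "combined" access logs, a hypothetical admin subnet (10.20.0.0/24), and constructed sample log lines.

```python
import posixpath
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network
from urllib.parse import unquote

# Path from the CVE description; matched case-insensitively to err toward over-reporting.
ENDPOINT = "/sysapp/find"
# Assumption: hypothetical admin subnet with a legitimate need for the endpoint.
ALLOWED_NETS = [ip_network("10.20.0.0/24")]
# Assumption: the reverse proxy writes nginx/Apache "combined" format lines.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) ')

def normalise(target):
    """Canonicalise a request target so encoded or padded variants still match."""
    path = unquote(target.split("?", 1)[0])  # drop the query string, then decode
    path = re.sub(r"/+", "/", path)          # collapse duplicate slashes
    return posixpath.normpath(path).lower()  # drop "./", "../" and trailing "/"

def is_allowed(ip_text):
    try:
        ip = ip_address(ip_text)
    except ValueError:                       # hostname or garbage in the client field
        return False
    return any(ip in net for net in ALLOWED_NETS)

def review(lines):
    """Return {client_ip: [(timestamp, method, status), ...]} for requests to
    the endpoint that came from sources outside ALLOWED_NETS."""
    flagged = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or normalise(m["target"]) != ENDPOINT or is_allowed(m["ip"]):
            continue
        flagged[m["ip"]].append((m["ts"], m["method"], int(m["status"])))
    return dict(flagged)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '10.20.0.5 - - [27/Jul/2025:09:14:02 +0000] "GET /sysApp/find HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.44 - - [27/Jul/2025:09:15:10 +0000] "POST /sysApp/find HTTP/1.1" 200 2048 "-" "-"',
    '203.0.113.44 - - [27/Jul/2025:09:15:12 +0000] "GET /sysapp//find/?page=1 HTTP/1.1" 200 2048 "-" "-"',
    '198.51.100.7 - - [27/Jul/2025:09:16:00 +0000] "GET /sysApp/find HTTP/1.1" 403 162 "-" "-"',
    '198.51.100.7 - - [27/Jul/2025:09:16:30 +0000] "GET /article/12.html HTTP/1.1" 200 9000 "-" "-"',
]

if __name__ == "__main__":
    for ip, hits in review(SAMPLE).items():
        print(ip, len(hits), "request(s):", hits)
```

A 403 in the output shows the proxy ACL doing its job, while a 200 from an address outside the allowed networks is the case to investigate.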
