Skip to main content

Dromara RuoYi-Vue-Plus CVE-2026-2819

LOW
Missing Authorization (CWE-862)
2026-02-20 cna@vuldb.com
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Severity Changed
Apr 29, 2026 - 01:11 NVD
MEDIUM LOW
CVSS changed
Apr 29, 2026 - 01:11 NVD
6.3 (MEDIUM) 2.1 (LOW)
Analysis Generated
Mar 12, 2026 - 22:04 vuln.today
CVE Published
Feb 20, 2026 - 02:16 nvd
MEDIUM 6.3

DescriptionCVE.org

A vulnerability was identified in Dromara RuoYi-Vue-Plus up to 5.5.3. This vulnerability affects the function SaServletFilter of the file /workflow/instance/deleteByInstanceIds of the component Workflow Module. The manipulation leads to missing authorization. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Missing authorization in Dromara RuoYi-Vue-Plus up to version 5.5.3 allows authenticated remote attackers to delete workflow instances without proper access controls via the SaServletFilter component. Public exploit code exists for this vulnerability, and the vendor has not responded to disclosure attempts. The flaw enables low-impact compromise of workflow data integrity with network accessibility and minimal attack complexity.

Technical ContextAI

This vulnerability (CWE-862: Missing Authorization) affects A vulnerability was identified in Dromara RuoYi-Vue-Plu. was identified in Dromara RuoYi-Vue-Plus up to 5.5.3. This vulnerability affects the function SaServletFilter of the file /workflow/instance/deleteByInstanceIds of the component Workflow Module. The manipulation leads to missing authorization. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected ProductsAI

Product: A vulnerability was identified in Dromara RuoYi-Vue-Plu. Versions: up to 5.5.3..

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Share

CVE-2026-2819 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy