Is there a public PoC exploit available for CVE-2026-6125?

Yes, a public proof-of-concept exploit is available for CVE-2026-6125. Prioritise patching immediately. EPSS: 0.0%.

Is there a patch available for CVE-2026-6125?

Yes, a patch is available for CVE-2026-6125. Update the affected software to the latest version immediately.

Dromara CVE-2026-6125

Q: What is the CVSS score of CVE-2026-6125?

CVE-2026-6125 has a CVSS 4.0 base score of 2.1 (Low). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-21729 LOW

Code Injection (CWE-94)

2026-04-12 VulDB

GHSA-822v-8w6h-5jxp

RCE Code Injection

2.1

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Apr 29, 2026 - 01:11 NVD

MEDIUM LOW

CVSS changed

Apr 29, 2026 - 01:11 NVD

5.3 (MEDIUM) 2.1 (LOW)

PoC Detected

Apr 29, 2026 - 01:00 vuln.today

Public exploit code

Patch released

Apr 15, 2026 - 02:30 nvd

Patch available

CVSS changed

Apr 12, 2026 - 10:22 NVD

6.3 (MEDIUM) 5.3 (MEDIUM)

Analysis Generated

Apr 12, 2026 - 10:06 vuln.today

EUVD ID Assigned

Apr 12, 2026 - 10:00 euvd

EUVD-2026-21729

Analysis Generated

Apr 12, 2026 - 10:00 vuln.today

CVE Published

Apr 12, 2026 - 09:30 nvd

LOW 2.1

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

17 maven packages depend on org.dromara.warm:warm-flow-plugin-modes-sb (6 direct, 11 indirect)

Ecosystem-wide dependent count for version 1.8.5.

DescriptionNVD

A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

AnalysisAI

Remote code injection in Dromara warm-flow up to version 1.8.4 allows authenticated attackers to execute arbitrary code through the SpelHelper.parseExpression function via manipulation of listenerPath, skipCondition, or permissionFlag parameters in the Workflow Definition Handler. The vulnerability uses SpEL (Spring Expression Language) injection to achieve code execution with CVSS 6.3 severity. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-6125 vulnerability details – vuln.today

Back