Skip to main content

Java

3270 CVEs product

Monthly

CVE-2026-3963 LOW Monitor

A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component Apache Shiro RememberMe. Performing a manipulation results in use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is reported as difficult. The exploit has been released to the public and may be used for attacks...

Apache Java Information Disclosure
NVD VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-3957 LOW Monitor

SQL injection in the weimai-wetapp HomeController endpoint allows remote attackers with high privileges to manipulate the cat parameter and execute arbitrary database queries, potentially leading to unauthorized data access or modification. Public exploit code is available for this vulnerability, and the development team has not yet responded to the early disclosure notification. A patch is not currently available.

Java SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-3956 LOW Monitor

SQL injection in the Admin_AdminUserController of weimai-wetapp allows remote attackers with high privileges to manipulate the keyword parameter and execute arbitrary SQL queries, potentially leading to unauthorized data access and modification. Public exploit code exists for this vulnerability, though no patch is currently available. The vulnerability affects Java-based deployments using affected versions of the weimai-wetapp project.

Java SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-2742 Maven MEDIUM PATCH This Month

Authentication bypass in Vaadin framework (14.0.0-14.14.0, 23.0.0-23.6.x, and other ranges). The web application framework fails to properly enforce authentication on certain routes.

Authentication Bypass Java Red Hat
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2026-3813 LOW POC Monitor

Injection vulnerability in JFlow's WF_CCForm Calculate function allows authenticated remote attackers to perform injection attacks with limited impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, though no patch is currently available from the project maintainers.

Java Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3789 LOW POC PATCH Monitor

Server-side request forgery in Bytedesk versions up to 1.3.9 allows authenticated attackers to manipulate the apiUrl parameter in the SpringAIGiteeRestService component, enabling them to make arbitrary network requests from the affected server. Public exploit code exists for this vulnerability, which requires valid user credentials to exploit. Users should upgrade to version 1.4.5.4 or later to remediate the issue.

Java SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-3788 LOW POC PATCH Monitor

Server-side request forgery in Bytedesk versions up to 1.3.9 allows authenticated attackers to manipulate the apiUrl parameter in the SpringAIOpenrouterRestController, enabling arbitrary HTTP requests from the affected server. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. Upgrading to version 1.4.5.4 or later resolves this issue.

Java SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-3750 LOW POC Monitor

ContiNew Admin up to version 4.2.0 contains a server-side request forgery vulnerability in its Storage Management Module that allows remote attackers to manipulate URI creation functions with high privileges. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

Java SSRF
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-3749 LOW POC PATCH Monitor

Unrestricted file upload in Bytedesk versions up to 1.3.9 allows authenticated remote attackers to upload arbitrary SVG files through the handleFileUpload function in UploadRestService.java. Public exploit code exists for this vulnerability, and attackers can leverage it to bypass file upload restrictions and potentially execute malicious content. Upgrade to version 1.4.5.1 or apply patch 975e39e4dd527596987559f56c5f9f973f64eff7 to remediate.

Java Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-3748 LOW POC PATCH Monitor

Unrestricted file upload in Bytedesk versions up to 1.3.9 allows authenticated remote attackers to upload malicious SVG files through the UploadRestController component. Public exploit code exists for this vulnerability, which could enable attackers to execute arbitrary code or compromise system integrity. Update to version 1.4.5.1 or later to remediate this issue.

Java Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-3733 LOW Monitor

XXL-Job versions up to 3.3.2 contain a server-side request forgery vulnerability in the JobInfoController that allows authenticated attackers to make arbitrary HTTP requests from the server due to insufficient access token validation. An attacker with valid credentials can exploit this remotely to conduct SSRF attacks against internal systems. Public exploit code exists for this vulnerability, and no patch is currently available.

Java SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3725 LOW Monitor

SmartAdmin versions up to 3.29 contain a template injection vulnerability in the FreeMarker template handler that allows authenticated remote attackers to manipulate template content and achieve code execution. The flaw exists in the MailService component's freemarkerResolverContent function and has a public exploit available. Since no patch is available and the vendor has not responded, organizations using affected versions should immediately assess exposure and consider alternative solutions.

Java Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3721 LOW Monitor

A weakness has been identified in 1024-lab/lab1024 SmartAdmin versions up to 3.29. is affected by cross-site scripting (xss) (CVSS 3.5).

Java XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0848 PyPI CRITICAL PATCH Act Now

Remote code execution in NLTK (Natural Language Toolkit) versions ≤3.9.2 allows unauthenticated attackers to execute arbitrary Java bytecode through the StanfordSegmenter module's unvalidated loading of external JAR files. The vulnerability is exploitable via model poisoning, MITM attacks during JAR downloads, or dependency poisoning, with execution occurring automatically at import time. Despite a critical CVSS 10.0 score, EPSS probability of 0.48% (65th percentile) suggests low observed exploitation activity. No CISA KEV listing indicates no confirmed widespread active exploitation, though the vulnerability is publicly documented on huntr.com with technical details available.

Java RCE
NVD
CVSS 3.0
10.0
EPSS
0.5%
CVE-2026-20131 CRITICAL POC KEV THREAT Emergency

Cisco Secure Firewall Management Center (FMC) contains a critical unauthenticated Java deserialization vulnerability (CVE-2026-20131, CVSS 10.0) in its web interface that enables remote code execution as root. KEV-listed with public PoC, this vulnerability allows complete compromise of the central management platform that controls all Cisco firewalls in the organization, enabling attackers to modify security policies, disable protections, and access all network traffic.

Cisco Java Deserialization RCE
NVD VulDB GitHub
CVSS 3.1
10.0
EPSS
0.6%
Threat
6.0
CVE-2025-70821 CRITICAL POC Act Now

SQL injection in renren-security before v5.5.0 in BaseServiceImpl.java. PoC available.

Java SQLi Renren Security
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-3404 LOW POC Monitor

Jeesite versions up to 5.15.1. contains a vulnerability that allows attackers to xml external entity reference (CVSS 5.0).

Java XXE
NVD VulDB
CVSS 4.0
1.3
EPSS
0.0%
CVE-2025-69437 HIGH POC This Week

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. [CVSS 8.7 HIGH]

Java Publiccms XSS
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2026-3293 Maven LOW POC PATCH Monitor

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. [CVSS 3.3 LOW]

Java Denial Of Service
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3289 LOW POC Monitor

Path traversal in Sanluan PublicCMS 6.202506.d's Template Cache Generation component allows authenticated remote attackers to manipulate the saveMetadata function and access arbitrary files on the system. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor who has not responded to disclosure attempts.

Java Path Traversal
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-3287 LOW POC Monitor

SQL injection in Youlai Mall 2.0.0's product pagination endpoint allows authenticated remote attackers to manipulate the sortField parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch. Attackers with valid credentials can exploit this flaw to read or modify sensitive data within the database.

Java SQLi
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3286 LOW POC Monitor

Server-side request forgery in Paicoding 1.0.0-1.0.3 allows authenticated attackers to manipulate the image upload parameter and trigger arbitrary outbound requests from the affected server. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires valid credentials but poses risks to internal network reconnaissance and data exfiltration.

Java SSRF
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3270 Maven LOW POC Monitor

Server-side request forgery in PSI Probe up to version 5.3.0 allows authenticated attackers to conduct arbitrary network requests through the Whois lookup function. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor. The flaw requires valid credentials but can be exploited remotely with minimal complexity.

Java SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3269 Maven LOW POC Monitor

Psi Probe versions up to 5.3.0 contain a denial of service vulnerability in the session expiration handler that allows authenticated remote attackers to crash the application through request manipulation. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The vulnerability affects Java-based deployments of Psi Probe used for Tomcat monitoring.

Java Denial Of Service
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3268 LOW POC Monitor

Improper access controls in PSI Probe up to version 5.3.0 allow authenticated remote attackers to manipulate session attributes through the RemoveSessAttributeController, enabling unauthorized modifications to application state. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-28208 Maven MEDIUM POC PATCH This Month

Junrar versions prior to 7.5.8 contain a path traversal vulnerability in LocalFolderExtractor that allows attackers to write arbitrary files to the filesystem when processing malicious RAR archives on Linux/Unix systems. Public exploit code exists for this vulnerability, which can facilitate remote code execution through file overwrite attacks such as modifying shell profiles or cron jobs. Users should upgrade to version 7.5.8 or later to remediate this issue.

Linux Java RCE Path Traversal Junrar +1
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-26682 HIGH POC This Week

Fastcms versions prior to 0.1.6 contain a code injection vulnerability in the PluginController component that allows local attackers with user-level privileges to execute arbitrary code with full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available. Java environments running affected Fastcms instances are at risk of privilege escalation and complete system takeover.

Java Fastcms
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27830 Maven HIGH PATCH This Week

Remote code execution in c3p0 (a Java JDBC connection-pooling library) before v0.12.0 allows an attacker who can set the `userOverridesAsString` property of a `ConnectionPoolDataSource` - or inject a crafted serialized object or `javax.naming.Reference` - to load and run arbitrary code on the application's CLASSPATH. The flaw stems from storing this writable Java-Bean property as a hex-encoded Java-serialized object, and is amplified by its dependency mchange-commons-java, which mirrored legacy JNDI behavior with ungated support for remote `factoryClassLocation` values, enabling download and execution of attacker-hosted classes. EPSS is low (0.15%) and there is no public exploit identified at time of analysis, though deserialization/JNDI gadget techniques against this library are publicly documented.

Java Deserialization Code Injection RCE
NVD GitHub VulDB
CVSS 4.0
8.9
EPSS
0.1%
CVE-2026-27727 Maven HIGH POC PATCH This Week

Remote code execution in mchange-commons-java prior to 0.4.0 allows an attacker to download and run arbitrary Java code by forcing an application to dereference a malicious javax.naming.Reference or serialized object that specifies a remote factoryClassLocation. The library ships its own legacy JNDI dereferencing implementation, so applications using it (notably the c3p0 connection pool) remain exploitable even on JDKs hardened with com.sun.jndi.ldap.object.trustURLCodebase=false. Publicly available exploit code exists (Mogwai Labs c3p0 research), though EPSS is low (0.10%, 27th percentile) and the issue is not listed in CISA KEV.

Java Mchange Commons Java Information Disclosure
NVD GitHub
CVSS 4.0
8.9
EPSS
0.1%
CVE-2025-11165 CRITICAL Act Now

Sandbox escape in dotCMS Velocity scripting engine (VTools) allows authenticated users to execute arbitrary SQL. CVSS 9.9 with scope change — affects one of the largest Java CMS platforms.

Tomcat Java Dotcms
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-3067 LOW POC Monitor

HummerRisk versions up to 1.5.0 contain a path traversal vulnerability in the archive extraction functionality that allows authenticated remote attackers to read and write arbitrary files on the system. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects the extractTarGZ and extractZip functions in the common utilities library.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-3066 LOW POC Monitor

Hummerrisk versions up to 1.5.0. contains a vulnerability that allows attackers to command injection (CVSS 6.3).

Java Command Injection
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.4%
CVE-2026-3065 LOW POC Monitor

Command injection in HummerRisk up to version 1.5.0 allows authenticated remote attackers to execute arbitrary commands through the Cloud Task Dry-run feature by manipulating the fileName parameter in CloudTaskService.java. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. An attacker with valid credentials can achieve remote code execution with limited impact on confidentiality, integrity, and availability.

Java Command Injection
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.4%
CVE-2026-3064 LOW POC Monitor

HummerRisk versions up to 1.5.0 contain a command injection vulnerability in the Cloud Task Scheduler component where the regionId parameter is insufficiently validated, allowing authenticated remote attackers to execute arbitrary commands. Public exploit code exists for this vulnerability and the vendor has not provided a patch despite early disclosure notification. An authenticated attacker can exploit this to achieve remote code execution with limited scope impact.

Java Command Injection
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.4%
CVE-2026-3053 MEDIUM POC This Month

Dinky versions up to 1.2.5 contain an authentication bypass in the OpenAPI endpoint handler that allows unauthenticated remote attackers to manipulate interceptor configuration. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.

Java Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-3052 LOW POC Monitor

Server-side request forgery in Dinky up to version 1.2.5 allows authenticated attackers to make arbitrary HTTP requests through the Flink Proxy Controller's proxyUba function. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. An attacker with valid credentials can leverage this to access internal resources or perform actions on behalf of the affected server.

Java SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3051 LOW POC Monitor

Path traversal in Dinky up to version 1.2.5 allows authenticated remote attackers to access arbitrary files on the system through manipulation of the projectName parameter in the GitRepository component. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can exploit this to read sensitive files or potentially escalate privileges within Java-based Dinky deployments.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-3028 LOW POC Monitor

Cross-site scripting (XSS) in the doAdd function of Jeewms up to version 3.7 allows unauthenticated remote attackers to inject malicious scripts through the Name parameter. Public exploit code exists for this vulnerability, and the vendor has not released patches or responded to disclosure attempts. An attacker can exploit this via a user interaction to perform actions in the context of the affected application.

Java XSS
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-25747 Maven HIGH POC PATCH This Week

Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelDB DefaultLevelDBSerializer class deserializes data read from the LevelDB aggregation repository using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. [CVSS 8.8 HIGH]

Apache Java Deserialization Camel RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2972 LOW POC Monitor

A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects the function Save of the file smart-sso-server/src/main/java/openjoe/smart/sso/server/controller/admin/UserController.java of the component Role Edit Page. [CVSS 2.4 LOW]

Java XSS
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-2957 LOW POC Monitor

The deleteBackup function in Dst Admin up to version 1.5.0 contains an improper resource handling flaw that permits authenticated remote attackers to trigger denial of service conditions. Public exploit code is available for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires valid credentials but no user interaction, making it actionable in environments where access controls are weak.

Java Denial Of Service
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2947 LOW POC Monitor

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. [CVSS 3.5 LOW]

Java XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-2946 LOW POC Monitor

A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. [CVSS 3.5 LOW]

Java XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-2852 LOW POC Monitor

Improper access controls in the Sales endpoint of Yeqifu Warehouse allow authenticated remote attackers to manipulate sales records through the addSales, updateSales, and deleteSales functions, potentially compromising data integrity and confidentiality. Public exploit code exists for this vulnerability, and no patch is currently available despite early notification to the developers.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2851 LOW POC Monitor

Improper access controls in the Inport Endpoint of yeqifu Warehouse allow authenticated remote attackers to manipulate critical functions (addInport, updateInport, deleteInport) and gain unauthorized access to sensitive data or operations. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects Java-based deployments with network access to the warehouse application.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2850 LOW POC Monitor

Improper access controls in the Customer Endpoint of yeqifu Warehouse allow authenticated remote attackers to manipulate customer data through the addCustomer, updateCustomer, and deleteCustomer functions. Public exploit code exists for this vulnerability, and the vendor has not yet provided a patch. An attacker with valid credentials can achieve unauthorized information disclosure, modification, and denial of service with low attack complexity.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2849 LOW POC Monitor

Improper access controls in the Cache Sync Handler of yeqifu Warehouse allow authenticated remote attackers to manipulate cache operations (deleteCache, removeAllCache, syncCache) and achieve unauthorized modification or denial of service. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2818 HIGH This Week

Spring Data Geode's snapshot import feature on Windows systems is vulnerable to path traversal attacks that enable attackers to write arbitrary files outside the intended extraction directory. Remote attackers can exploit this vulnerability without authentication to potentially overwrite critical system or application files. No patch is currently available.

Path Traversal Microsoft Java
NVD HeroDevs VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-2676 LOW Monitor

Improper authorization in GoogTech sms-ssm's LoginInterceptor API interface allows remote authenticated attackers to bypass access controls and manipulate protected functions. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement compensating controls or restrict access to the affected API endpoints.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2665 LOW Monitor

Unrestricted file upload in huanzi-qch base-admin's JSP file upload function allows authenticated remote attackers to upload arbitrary files by manipulating the File parameter, potentially leading to code execution. The vulnerability affects the SysFileController component and has public exploit code available. No patch is currently available from the developers.

Java Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2623 LOW POC Monitor

Path traversal in Blossom up to version 1.17.1 file upload functionality allows authenticated remote attackers to access arbitrary files on affected systems. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

Java Path Traversal File Upload
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2622 LOW POC Monitor

A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. [CVSS 3.5 LOW]

Java XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-2557 LOW POC Monitor

A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. [CVSS 3.5 LOW]

Java XSS File Upload
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-2556 LOW POC Monitor

Server-side request forgery in Cskefu up to version 8.0.1 allows authenticated remote attackers to manipulate the URL parameter in the MediaController endpoint to perform arbitrary HTTP requests from the affected server. Public exploit code exists for this vulnerability and the vendor has not provided a patch despite early notification. The attack requires valid authentication credentials but can be executed remotely with low complexity.

Java SSRF
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2555 MEDIUM POC This Month

JeecgBoot 3.9.1's RAG knowledge controller fails to properly validate ZIP file imports, allowing authenticated remote attackers to trigger unsafe deserialization with public exploit code available. The vulnerability requires authentication and complex attack execution but could enable information disclosure or integrity compromise. No patch is currently available from the vendor.

Java Deserialization AI / ML Jeecg Boot
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-2536 LOW Monitor

OpenCC JFlow versions up to 20260129 contain an XML External Entity (XXE) injection vulnerability in the Workflow Engine's file handling component that allows authenticated remote attackers to read sensitive files or perform denial of service attacks. Public exploit code exists for this vulnerability, and the vendor has not yet provided a patch. The issue affects Java-based deployments and requires valid credentials to exploit.

Java XXE
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-33042 LIB HIGH PATCH This Week

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. [CVSS 7.3 HIGH]

Apache Java Code Injection Avro Red Hat
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-2201 LOW POC Monitor

A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. [CVSS 2.4 LOW]

Java XSS
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-2141 LOW POC PATCH Monitor

Improper authorization in WukongCRM up to version 11.3.3 allows authenticated remote attackers to manipulate URL handling logic and bypass access controls. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The flaw affects the PermissionServiceImpl component and enables attackers to gain unauthorized access to restricted functionality.

Java Information Disclosure Wukongcrm
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2107 LOW POC Monitor

Improper authorization in the yeqifu Warehouse Log Info Handler allows authenticated remote attackers to access, modify, or delete log information through the loadAllLoginfo, deleteLoginfo, and batchDeleteLoginfo functions. Public exploit code exists for this vulnerability, and the developers have not yet released a patch despite early notification. Java-based deployments using affected versions are at risk of unauthorized log manipulation by authenticated users.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2106 LOW POC Monitor

Improper authorization in Yeqifu Warehouse's Notice Management component allows authenticated users to perform unauthorized operations on notice records through the addNotice, updateNotice, deleteNotice, and batchDeleteNotice functions. Public exploit code exists for this vulnerability, and the vendor has not yet responded to the disclosure. An attacker with valid credentials can remotely manipulate notice data, compromising the confidentiality, integrity, and availability of the application.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2105 LOW POC Monitor

Improper authorization in the Department Management component of yeqifu Warehouse allows authenticated users to manipulate department operations (add, update, delete) without proper access controls. Public exploit code exists for this vulnerability, which can be leveraged remotely by attackers with valid credentials. No patch is currently available from the vendor.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2079 LOW POC Monitor

Improper authorization in the Menu Management component of Yeqifu Warehouse allows authenticated remote attackers to manipulate menu operations (add, update, delete) without proper access controls. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. The flaw affects Java-based deployments running the vulnerable commit and could enable unauthorized administrative actions.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2078 LOW POC Monitor

Improper authorization in the Permission Management component of yeqifu Warehouse allows authenticated remote attackers to manipulate permission-related functions (addPermission, updatePermission, deletePermission) and gain unauthorized access or modify system permissions. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects Java-based Warehouse deployments with a CVSS score of 6.3.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2077 LOW POC Monitor

Improper authorization in yeqifu Warehouse's Role Management Handler (addRole/updateRole/deleteRole functions) allows authenticated remote attackers to perform unauthorized privilege escalation and data manipulation. Public exploit code exists for this vulnerability, and the vendor has not released a patch or responded to disclosure. An attacker with valid credentials can bypass authorization controls to modify system roles and access restrictions.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2076 LOW POC Monitor

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. [CVSS 6.3 MEDIUM]

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2075 LOW POC Monitor

Improper access control in the Role-Permission Binding Handler of yeqifu Warehouse allows authenticated remote attackers to modify role permissions through the saveRolePermission function, potentially gaining unauthorized access to sensitive operations. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification of the issue.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2010 LOW POC PATCH Monitor

Improper authorization in Sanluan PublicCMS versions up to 4.0.202506.d, 5.202506.d, and 6.202506.d allows authenticated attackers to manipulate the paymentId parameter in the Trade Payment Handler, potentially leading to integrity and availability impacts. Public exploit code exists for this vulnerability, though exploitation requires high complexity and specific conditions. A patch is available and should be applied promptly to affected Java-based deployments.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
1.3
EPSS
0.1%
CVE-2026-25526 Maven CRITICAL PATCH Act Now

JinJava template engine has a server-side template injection vulnerability enabling arbitrary code execution through crafted Jinja-style templates.

Java Golang Django Jinjava
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-1813 LOW POC Monitor

Unrestricted file upload in Bolo Solo up to version 2.6.4 allows authenticated remote attackers to upload arbitrary files via the FreeMarker Template Handler component. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification. An attacker with valid credentials can achieve limited confidentiality, integrity, and availability impacts.

Java Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-1812 LOW POC Monitor

Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate file path arguments in the backup import function, potentially accessing or modifying arbitrary files on the affected system. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. The attack requires valid credentials but can be executed remotely over the network.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-1811 LOW POC Monitor

Path traversal in Bolo Solo's importFromMarkdown function allows authenticated attackers to manipulate file paths and access arbitrary files on affected systems. The vulnerability affects Bolo Solo versions up to 2.6.4 and requires valid credentials but no user interaction to exploit. Public exploit code exists for this vulnerability, and no patch is currently available.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-1810 LOW POC Monitor

Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate ZIP file extraction operations in the BackupService component, potentially reading or writing arbitrary files on the affected system. Public exploit code is available for this vulnerability, and the vendor has not yet provided a patch despite early notification.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2020-37052 CRITICAL POC Act Now

Pre-authentication RCE in AirControl 1.4.2 network management allows unauthenticated system command execution. PoC available.

Java RCE
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-1691 LOW POC Monitor

Unsafe deserialization in Bolo Solo up to version 2.6.4 through the SnakeYAML component allows authenticated attackers to execute arbitrary code remotely via the importMarkdownsSync function. Public exploit code exists for this vulnerability and no patch is currently available. Authenticated users with access to the backup functionality can trigger this flaw to compromise affected systems.

Java Deserialization
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2023-37525 MEDIUM This Month

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals. [CVSS 5.3 MEDIUM]

Java Information Disclosure Bigfix Compliance
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-24824 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java.

Java XSS
NVD GitHub
EPSS
0.1%
CVE-2026-24819 Maven Monitor

Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java.

Java
NVD GitHub
EPSS
0.0%
CVE-2026-24816 Monitor

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java.

Java
NVD GitHub
EPSS
0.1%
CVE-2026-24815 This Week

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java.

Java Deserialization
NVD GitHub
EPSS
0.1%
CVE-2026-24807 Maven MEDIUM This Month

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules). This vulnerability is associated with program files SeekableOutputStream.Java.

Apache Java Jwt Attack Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-24806 Maven MEDIUM This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules). This vulnerability is associated with program files PNGImageEncoder.Java.

Apache Java Code Injection RCE
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-24802 Maven PATCH Monitor

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in briandilley jsonrpc4j (src/main/java/com/googlecode/jsonrpc4j modules). This vulnerability is associated with program files NoCloseOutputStream.Java.

Java
NVD GitHub
EPSS
0.0%
CVE-2026-24794 This Week

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard (src/main/java/org/cardboardpowered/impl/world modules). This vulnerability is associated with program files WorldImpl.Java.

Java
NVD GitHub
EPSS
0.1%
CVE-2026-1464 This Week

Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org/apache/commons/compress/archivers/tar modules). This vulnerability is associated with program files TarUtils.Java.

Apache Java Integer Overflow
NVD GitHub
EPSS
0.0%
CVE-2026-24400 Maven CRITICAL PATCH Act Now

XXE (XML External Entity) injection in AssertJ Java testing library from 1.4.0 to before 3.27.7 allows reading arbitrary files when parsing XML assertions. Patch available.

Java SSRF XXE Denial Of Service Assertj +2
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-70982 CRITICAL POC Act Now

Access control bypass in SpringBlade v4.5.0 importUser function allows low-privileged users to import sensitive user data and escalate privileges. PoC available.

Spring Java Privilege Escalation Information Disclosure Authentication Bypass +1
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-1406 LOW Monitor

A vulnerability was determined in lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600. Affected by this vulnerability is the function redirectToLogin of the file AccessControlFilter.java of the component Host Header Handler. [CVSS 3.5 LOW]

Java Open Redirect
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-70983 CRITICAL Act Now

SpringBlade v4.5.0 has an access control flaw in authRoutes allowing low-privileged users to escalate to admin through the authentication routing mechanism.

Spring Java Privilege Escalation Authentication Bypass Springblade
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-1225 Maven PATCH Monitor

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially malicious Java class requires that said class is present on the user's class-path. In addition, the attacker must have write access to a configuration file. However, after successful instantia...

Java
NVD
EPSS
0.0%
EPSS 0% CVSS 2.9
LOW Monitor

A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component Apache Shiro RememberMe. Performing a manipulation results in use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is reported as difficult. The exploit has been released to the public and may be used for attacks...

Apache Java Information Disclosure
NVD VulDB
EPSS 0% CVSS 2.0
LOW Monitor

SQL injection in the weimai-wetapp HomeController endpoint allows remote attackers with high privileges to manipulate the cat parameter and execute arbitrary database queries, potentially leading to unauthorized data access or modification. Public exploit code is available for this vulnerability, and the development team has not yet responded to the early disclosure notification. A patch is not currently available.

Java SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW Monitor

SQL injection in the Admin_AdminUserController of weimai-wetapp allows remote attackers with high privileges to manipulate the keyword parameter and execute arbitrary SQL queries, potentially leading to unauthorized data access and modification. Public exploit code exists for this vulnerability, though no patch is currently available. The vulnerability affects Java-based deployments using affected versions of the weimai-wetapp project.

Java SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Authentication bypass in Vaadin framework (14.0.0-14.14.0, 23.0.0-23.6.x, and other ranges). The web application framework fails to properly enforce authentication on certain routes.

Authentication Bypass Java Red Hat
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Injection vulnerability in JFlow's WF_CCForm Calculate function allows authenticated remote attackers to perform injection attacks with limited impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, though no patch is currently available from the project maintainers.

Java Information Disclosure
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Server-side request forgery in Bytedesk versions up to 1.3.9 allows authenticated attackers to manipulate the apiUrl parameter in the SpringAIGiteeRestService component, enabling them to make arbitrary network requests from the affected server. Public exploit code exists for this vulnerability, which requires valid user credentials to exploit. Users should upgrade to version 1.4.5.4 or later to remediate the issue.

Java SSRF
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Server-side request forgery in Bytedesk versions up to 1.3.9 allows authenticated attackers to manipulate the apiUrl parameter in the SpringAIOpenrouterRestController, enabling arbitrary HTTP requests from the affected server. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. Upgrading to version 1.4.5.4 or later resolves this issue.

Java SSRF
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

ContiNew Admin up to version 4.2.0 contains a server-side request forgery vulnerability in its Storage Management Module that allows remote attackers to manipulate URI creation functions with high privileges. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

Java SSRF
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Unrestricted file upload in Bytedesk versions up to 1.3.9 allows authenticated remote attackers to upload arbitrary SVG files through the handleFileUpload function in UploadRestService.java. Public exploit code exists for this vulnerability, and attackers can leverage it to bypass file upload restrictions and potentially execute malicious content. Upgrade to version 1.4.5.1 or apply patch 975e39e4dd527596987559f56c5f9f973f64eff7 to remediate.

Java Authentication Bypass File Upload
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Unrestricted file upload in Bytedesk versions up to 1.3.9 allows authenticated remote attackers to upload malicious SVG files through the UploadRestController component. Public exploit code exists for this vulnerability, which could enable attackers to execute arbitrary code or compromise system integrity. Update to version 1.4.5.1 or later to remediate this issue.

Java Authentication Bypass File Upload
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

XXL-Job versions up to 3.3.2 contain a server-side request forgery vulnerability in the JobInfoController that allows authenticated attackers to make arbitrary HTTP requests from the server due to insufficient access token validation. An attacker with valid credentials can exploit this remotely to conduct SSRF attacks against internal systems. Public exploit code exists for this vulnerability, and no patch is currently available.

Java SSRF
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

SmartAdmin versions up to 3.29 contain a template injection vulnerability in the FreeMarker template handler that allows authenticated remote attackers to manipulate template content and achieve code execution. The flaw exists in the MailService component's freemarkerResolverContent function and has a public exploit available. Since no patch is available and the vendor has not responded, organizations using affected versions should immediately assess exposure and consider alternative solutions.

Java Information Disclosure
NVD VulDB
EPSS 0% CVSS 2.0
LOW Monitor

A weakness has been identified in 1024-lab/lab1024 SmartAdmin versions up to 3.29. is affected by cross-site scripting (xss) (CVSS 3.5).

Java XSS
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Remote code execution in NLTK (Natural Language Toolkit) versions ≤3.9.2 allows unauthenticated attackers to execute arbitrary Java bytecode through the StanfordSegmenter module's unvalidated loading of external JAR files. The vulnerability is exploitable via model poisoning, MITM attacks during JAR downloads, or dependency poisoning, with execution occurring automatically at import time. Despite a critical CVSS 10.0 score, EPSS probability of 0.48% (65th percentile) suggests low observed exploitation activity. No CISA KEV listing indicates no confirmed widespread active exploitation, though the vulnerability is publicly documented on huntr.com with technical details available.

Java RCE
NVD
EPSS 1% 6.0 CVSS 10.0
CRITICAL POC KEV THREAT Emergency

Cisco Secure Firewall Management Center (FMC) contains a critical unauthenticated Java deserialization vulnerability (CVE-2026-20131, CVSS 10.0) in its web interface that enables remote code execution as root. KEV-listed with public PoC, this vulnerability allows complete compromise of the central management platform that controls all Cisco firewalls in the organization, enabling attackers to modify security policies, disable protections, and access all network traffic.

Cisco Java Deserialization +1
NVD VulDB GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

SQL injection in renren-security before v5.5.0 in BaseServiceImpl.java. PoC available.

Java SQLi Renren Security
NVD GitHub
EPSS 0% CVSS 1.3
LOW POC Monitor

Jeesite versions up to 5.15.1. contains a vulnerability that allows attackers to xml external entity reference (CVSS 5.0).

Java XXE
NVD VulDB
EPSS 0% CVSS 8.7
HIGH POC This Week

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. [CVSS 8.7 HIGH]

Java Publiccms XSS
NVD GitHub
EPSS 0% CVSS 1.9
LOW POC PATCH Monitor

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. [CVSS 3.3 LOW]

Java Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in Sanluan PublicCMS 6.202506.d's Template Cache Generation component allows authenticated remote attackers to manipulate the saveMetadata function and access arbitrary files on the system. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor who has not responded to disclosure attempts.

Java Path Traversal
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in Youlai Mall 2.0.0's product pagination endpoint allows authenticated remote attackers to manipulate the sortField parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch. Attackers with valid credentials can exploit this flaw to read or modify sensitive data within the database.

Java SQLi
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Server-side request forgery in Paicoding 1.0.0-1.0.3 allows authenticated attackers to manipulate the image upload parameter and trigger arbitrary outbound requests from the affected server. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires valid credentials but poses risks to internal network reconnaissance and data exfiltration.

Java SSRF
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Server-side request forgery in PSI Probe up to version 5.3.0 allows authenticated attackers to conduct arbitrary network requests through the Whois lookup function. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor. The flaw requires valid credentials but can be exploited remotely with minimal complexity.

Java SSRF
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Psi Probe versions up to 5.3.0 contain a denial of service vulnerability in the session expiration handler that allows authenticated remote attackers to crash the application through request manipulation. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The vulnerability affects Java-based deployments of Psi Probe used for Tomcat monitoring.

Java Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper access controls in PSI Probe up to version 5.3.0 allow authenticated remote attackers to manipulate session attributes through the RemoveSessAttributeController, enabling unauthorized modifications to application state. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 5.9
MEDIUM POC PATCH This Month

Junrar versions prior to 7.5.8 contain a path traversal vulnerability in LocalFolderExtractor that allows attackers to write arbitrary files to the filesystem when processing malicious RAR archives on Linux/Unix systems. Public exploit code exists for this vulnerability, which can facilitate remote code execution through file overwrite attacks such as modifying shell profiles or cron jobs. Users should upgrade to version 7.5.8 or later to remediate this issue.

Linux Java RCE +3
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

Fastcms versions prior to 0.1.6 contain a code injection vulnerability in the PluginController component that allows local attackers with user-level privileges to execute arbitrary code with full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available. Java environments running affected Fastcms instances are at risk of privilege escalation and complete system takeover.

Java Fastcms
NVD GitHub
EPSS 0% CVSS 8.9
HIGH PATCH This Week

Remote code execution in c3p0 (a Java JDBC connection-pooling library) before v0.12.0 allows an attacker who can set the `userOverridesAsString` property of a `ConnectionPoolDataSource` - or inject a crafted serialized object or `javax.naming.Reference` - to load and run arbitrary code on the application's CLASSPATH. The flaw stems from storing this writable Java-Bean property as a hex-encoded Java-serialized object, and is amplified by its dependency mchange-commons-java, which mirrored legacy JNDI behavior with ungated support for remote `factoryClassLocation` values, enabling download and execution of attacker-hosted classes. EPSS is low (0.15%) and there is no public exploit identified at time of analysis, though deserialization/JNDI gadget techniques against this library are publicly documented.

Java Deserialization Code Injection +1
NVD GitHub VulDB
EPSS 0% CVSS 8.9
HIGH POC PATCH This Week

Remote code execution in mchange-commons-java prior to 0.4.0 allows an attacker to download and run arbitrary Java code by forcing an application to dereference a malicious javax.naming.Reference or serialized object that specifies a remote factoryClassLocation. The library ships its own legacy JNDI dereferencing implementation, so applications using it (notably the c3p0 connection pool) remain exploitable even on JDKs hardened with com.sun.jndi.ldap.object.trustURLCodebase=false. Publicly available exploit code exists (Mogwai Labs c3p0 research), though EPSS is low (0.10%, 27th percentile) and the issue is not listed in CISA KEV.

Java Mchange Commons Java Information Disclosure
NVD GitHub
EPSS 0% CVSS 9.9
CRITICAL Act Now

Sandbox escape in dotCMS Velocity scripting engine (VTools) allows authenticated users to execute arbitrary SQL. CVSS 9.9 with scope change — affects one of the largest Java CMS platforms.

Tomcat Java Dotcms
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

HummerRisk versions up to 1.5.0 contain a path traversal vulnerability in the archive extraction functionality that allows authenticated remote attackers to read and write arbitrary files on the system. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects the extractTarGZ and extractZip functions in the common utilities library.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Hummerrisk versions up to 1.5.0. contains a vulnerability that allows attackers to command injection (CVSS 6.3).

Java Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Command injection in HummerRisk up to version 1.5.0 allows authenticated remote attackers to execute arbitrary commands through the Cloud Task Dry-run feature by manipulating the fileName parameter in CloudTaskService.java. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. An attacker with valid credentials can achieve remote code execution with limited impact on confidentiality, integrity, and availability.

Java Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

HummerRisk versions up to 1.5.0 contain a command injection vulnerability in the Cloud Task Scheduler component where the regionId parameter is insufficiently validated, allowing authenticated remote attackers to execute arbitrary commands. Public exploit code exists for this vulnerability and the vendor has not provided a patch despite early disclosure notification. An authenticated attacker can exploit this to achieve remote code execution with limited scope impact.

Java Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Dinky versions up to 1.2.5 contain an authentication bypass in the OpenAPI endpoint handler that allows unauthenticated remote attackers to manipulate interceptor configuration. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.

Java Authentication Bypass
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Server-side request forgery in Dinky up to version 1.2.5 allows authenticated attackers to make arbitrary HTTP requests through the Flink Proxy Controller's proxyUba function. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. An attacker with valid credentials can leverage this to access internal resources or perform actions on behalf of the affected server.

Java SSRF
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in Dinky up to version 1.2.5 allows authenticated remote attackers to access arbitrary files on the system through manipulation of the projectName parameter in the GitRepository component. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can exploit this to read sensitive files or potentially escalate privileges within Java-based Dinky deployments.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Cross-site scripting (XSS) in the doAdd function of Jeewms up to version 3.7 allows unauthenticated remote attackers to inject malicious scripts through the Name parameter. Public exploit code exists for this vulnerability, and the vendor has not released patches or responded to disclosure attempts. An attacker can exploit this via a user interaction to perform actions in the context of the affected application.

Java XSS
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelDB DefaultLevelDBSerializer class deserializes data read from the LevelDB aggregation repository using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. [CVSS 8.8 HIGH]

Apache Java Deserialization +2
NVD GitHub
EPSS 0% CVSS 1.9
LOW POC Monitor

A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects the function Save of the file smart-sso-server/src/main/java/openjoe/smart/sso/server/controller/admin/UserController.java of the component Role Edit Page. [CVSS 2.4 LOW]

Java XSS
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

The deleteBackup function in Dst Admin up to version 1.5.0 contains an improper resource handling flaw that permits authenticated remote attackers to trigger denial of service conditions. Public exploit code is available for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires valid credentials but no user interaction, making it actionable in environments where access controls are weak.

Java Denial Of Service
NVD VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. [CVSS 3.5 LOW]

Java XSS
NVD VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. [CVSS 3.5 LOW]

Java XSS
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper access controls in the Sales endpoint of Yeqifu Warehouse allow authenticated remote attackers to manipulate sales records through the addSales, updateSales, and deleteSales functions, potentially compromising data integrity and confidentiality. Public exploit code exists for this vulnerability, and no patch is currently available despite early notification to the developers.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper access controls in the Inport Endpoint of yeqifu Warehouse allow authenticated remote attackers to manipulate critical functions (addInport, updateInport, deleteInport) and gain unauthorized access to sensitive data or operations. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects Java-based deployments with network access to the warehouse application.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper access controls in the Customer Endpoint of yeqifu Warehouse allow authenticated remote attackers to manipulate customer data through the addCustomer, updateCustomer, and deleteCustomer functions. Public exploit code exists for this vulnerability, and the vendor has not yet provided a patch. An attacker with valid credentials can achieve unauthorized information disclosure, modification, and denial of service with low attack complexity.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper access controls in the Cache Sync Handler of yeqifu Warehouse allow authenticated remote attackers to manipulate cache operations (deleteCache, removeAllCache, syncCache) and achieve unauthorized modification or denial of service. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 8.2
HIGH This Week

Spring Data Geode's snapshot import feature on Windows systems is vulnerable to path traversal attacks that enable attackers to write arbitrary files outside the intended extraction directory. Remote attackers can exploit this vulnerability without authentication to potentially overwrite critical system or application files. No patch is currently available.

Path Traversal Microsoft Java
NVD HeroDevs VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Improper authorization in GoogTech sms-ssm's LoginInterceptor API interface allows remote authenticated attackers to bypass access controls and manipulate protected functions. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement compensating controls or restrict access to the affected API endpoints.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Unrestricted file upload in huanzi-qch base-admin's JSP file upload function allows authenticated remote attackers to upload arbitrary files by manipulating the File parameter, potentially leading to code execution. The vulnerability affects the SysFileController component and has public exploit code available. No patch is currently available from the developers.

Java Authentication Bypass File Upload
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in Blossom up to version 1.17.1 file upload functionality allows authenticated remote attackers to access arbitrary files on affected systems. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

Java Path Traversal File Upload
NVD VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. [CVSS 3.5 LOW]

Java XSS
NVD VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. [CVSS 3.5 LOW]

Java XSS File Upload
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Server-side request forgery in Cskefu up to version 8.0.1 allows authenticated remote attackers to manipulate the URL parameter in the MediaController endpoint to perform arbitrary HTTP requests from the affected server. Public exploit code exists for this vulnerability and the vendor has not provided a patch despite early notification. The attack requires valid authentication credentials but can be executed remotely with low complexity.

Java SSRF
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM POC This Month

JeecgBoot 3.9.1's RAG knowledge controller fails to properly validate ZIP file imports, allowing authenticated remote attackers to trigger unsafe deserialization with public exploit code available. The vulnerability requires authentication and complex attack execution but could enable information disclosure or integrity compromise. No patch is currently available from the vendor.

Java Deserialization AI / ML +1
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

OpenCC JFlow versions up to 20260129 contain an XML External Entity (XXE) injection vulnerability in the Workflow Engine's file handling component that allows authenticated remote attackers to read sensitive files or perform denial of service attacks. Public exploit code exists for this vulnerability, and the vendor has not yet provided a patch. The issue affects Java-based deployments and requires valid credentials to exploit.

Java XXE
NVD VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. [CVSS 7.3 HIGH]

Apache Java Code Injection +2
NVD VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. [CVSS 2.4 LOW]

Java XSS
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Improper authorization in WukongCRM up to version 11.3.3 allows authenticated remote attackers to manipulate URL handling logic and bypass access controls. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The flaw affects the PermissionServiceImpl component and enables attackers to gain unauthorized access to restricted functionality.

Java Information Disclosure Wukongcrm
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper authorization in the yeqifu Warehouse Log Info Handler allows authenticated remote attackers to access, modify, or delete log information through the loadAllLoginfo, deleteLoginfo, and batchDeleteLoginfo functions. Public exploit code exists for this vulnerability, and the developers have not yet released a patch despite early notification. Java-based deployments using affected versions are at risk of unauthorized log manipulation by authenticated users.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper authorization in Yeqifu Warehouse's Notice Management component allows authenticated users to perform unauthorized operations on notice records through the addNotice, updateNotice, deleteNotice, and batchDeleteNotice functions. Public exploit code exists for this vulnerability, and the vendor has not yet responded to the disclosure. An attacker with valid credentials can remotely manipulate notice data, compromising the confidentiality, integrity, and availability of the application.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper authorization in the Department Management component of yeqifu Warehouse allows authenticated users to manipulate department operations (add, update, delete) without proper access controls. Public exploit code exists for this vulnerability, which can be leveraged remotely by attackers with valid credentials. No patch is currently available from the vendor.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper authorization in the Menu Management component of Yeqifu Warehouse allows authenticated remote attackers to manipulate menu operations (add, update, delete) without proper access controls. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. The flaw affects Java-based deployments running the vulnerable commit and could enable unauthorized administrative actions.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper authorization in the Permission Management component of yeqifu Warehouse allows authenticated remote attackers to manipulate permission-related functions (addPermission, updatePermission, deletePermission) and gain unauthorized access or modify system permissions. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects Java-based Warehouse deployments with a CVSS score of 6.3.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper authorization in yeqifu Warehouse's Role Management Handler (addRole/updateRole/deleteRole functions) allows authenticated remote attackers to perform unauthorized privilege escalation and data manipulation. Public exploit code exists for this vulnerability, and the vendor has not released a patch or responded to disclosure. An attacker with valid credentials can bypass authorization controls to modify system roles and access restrictions.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. [CVSS 6.3 MEDIUM]

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Improper access control in the Role-Permission Binding Handler of yeqifu Warehouse allows authenticated remote attackers to modify role permissions through the saveRolePermission function, potentially gaining unauthorized access to sensitive operations. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification of the issue.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 1.3
LOW POC PATCH Monitor

Improper authorization in Sanluan PublicCMS versions up to 4.0.202506.d, 5.202506.d, and 6.202506.d allows authenticated attackers to manipulate the paymentId parameter in the Trade Payment Handler, potentially leading to integrity and availability impacts. Public exploit code exists for this vulnerability, though exploitation requires high complexity and specific conditions. A patch is available and should be applied promptly to affected Java-based deployments.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

JinJava template engine has a server-side template injection vulnerability enabling arbitrary code execution through crafted Jinja-style templates.

Java Golang Django +1
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Unrestricted file upload in Bolo Solo up to version 2.6.4 allows authenticated remote attackers to upload arbitrary files via the FreeMarker Template Handler component. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification. An attacker with valid credentials can achieve limited confidentiality, integrity, and availability impacts.

Java Authentication Bypass File Upload
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate file path arguments in the backup import function, potentially accessing or modifying arbitrary files on the affected system. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. The attack requires valid credentials but can be executed remotely over the network.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in Bolo Solo's importFromMarkdown function allows authenticated attackers to manipulate file paths and access arbitrary files on affected systems. The vulnerability affects Bolo Solo versions up to 2.6.4 and requires valid credentials but no user interaction to exploit. Public exploit code exists for this vulnerability, and no patch is currently available.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate ZIP file extraction operations in the BackupService component, potentially reading or writing arbitrary files on the affected system. Public exploit code is available for this vulnerability, and the vendor has not yet provided a patch despite early notification.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Pre-authentication RCE in AirControl 1.4.2 network management allows unauthenticated system command execution. PoC available.

Java RCE
NVD Exploit-DB
EPSS 0% CVSS 2.1
LOW POC Monitor

Unsafe deserialization in Bolo Solo up to version 2.6.4 through the SnakeYAML component allows authenticated attackers to execute arbitrary code remotely via the importMarkdownsSync function. Public exploit code exists for this vulnerability and no patch is currently available. Authenticated users with access to the backup functionality can trigger this flaw to compromise affected systems.

Java Deserialization
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals. [CVSS 5.3 MEDIUM]

Java Information Disclosure Bigfix Compliance
NVD
EPSS 0%
This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java.

Java XSS
NVD GitHub
EPSS 0%
Monitor

Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java.

Java
NVD GitHub
EPSS 0%
Monitor

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java.

Java
NVD GitHub
EPSS 0%
This Week

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java.

Java Deserialization
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules). This vulnerability is associated with program files SeekableOutputStream.Java.

Apache Java Jwt Attack +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules). This vulnerability is associated with program files PNGImageEncoder.Java.

Apache Java Code Injection +1
NVD GitHub VulDB
EPSS 0%
PATCH Monitor

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in briandilley jsonrpc4j (src/main/java/com/googlecode/jsonrpc4j modules). This vulnerability is associated with program files NoCloseOutputStream.Java.

Java
NVD GitHub
EPSS 0%
This Week

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard (src/main/java/org/cardboardpowered/impl/world modules). This vulnerability is associated with program files WorldImpl.Java.

Java
NVD GitHub
EPSS 0%
This Week

Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org/apache/commons/compress/archivers/tar modules). This vulnerability is associated with program files TarUtils.Java.

Apache Java Integer Overflow
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

XXE (XML External Entity) injection in AssertJ Java testing library from 1.4.0 to before 3.27.7 allows reading arbitrary files when parsing XML assertions. Patch available.

Java SSRF XXE +4
NVD GitHub
EPSS 0% CVSS 9.9
CRITICAL POC Act Now

Access control bypass in SpringBlade v4.5.0 importUser function allows low-privileged users to import sensitive user data and escalate privileges. PoC available.

Spring Java Privilege Escalation +3
NVD GitHub
EPSS 0% CVSS 2.0
LOW Monitor

A vulnerability was determined in lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600. Affected by this vulnerability is the function redirectToLogin of the file AccessControlFilter.java of the component Host Header Handler. [CVSS 3.5 LOW]

Java Open Redirect
NVD GitHub VulDB
EPSS 0% CVSS 9.9
CRITICAL Act Now

SpringBlade v4.5.0 has an access control flaw in authRoutes allowing low-privileged users to escalate to admin through the authentication routing mechanism.

Spring Java Privilege Escalation +2
NVD GitHub
EPSS 0%
PATCH Monitor

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially malicious Java class requires that said class is present on the user's class-path. In addition, the attacker must have write access to a configuration file. However, after successful instantia...

Java
NVD
Prev Page 6 of 37 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy