| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4564 | yangzongzhuan RuoYi Quartz Job job code injection | yangzongzhuan | RuoYi | Medium | 4.7 | 2026-03-22 23:51:06 | Deep Dive |
| CVE-2025-10989 | yangzongzhuan RuoYi selectAll improper authorization | yangzongzhuan | RuoYi | Medium | 6.3 | 2025-09-26 00:32:11 | Deep Dive |
| CVE-2025-10473 | yangzongzhuan RuoYi Blacklist SqlUtil.java filterKeyword sql injection | yangzongzhuan | RuoYi | Medium | 6.3 | 2025-09-15 19:02:06 | Deep Dive |
| CVE-2025-10384 | yangzongzhuan RuoYi Role cancelAll improper authorization | yangzongzhuan | RuoYi | Medium | 5.4 | 2025-09-13 19:32:07 | Deep Dive |
| CVE-2025-8847 | yangzongzhuan RuoYi edit cross site scripting | yangzongzhuan | RuoYi | Low | 3.5 | 2025-08-11 13:02:07 | Deep Dive |
| CVE-2025-7907 | yangzongzhuan RuoYi Druid application-druid.yml default credentials | yangzongzhuan | RuoYi | Medium | 4.3 | 2025-07-20 20:32:05 | Deep Dive |
| CVE-2025-7906 | yangzongzhuan RuoYi CommonController.java uploadFile unrestricted upload | yangzongzhuan | RuoYi | Medium | 6.3 | 2025-07-20 19:32:05 | Deep Dive |
| CVE-2025-7903 | yangzongzhuan RuoYi Image Source ui layer | yangzongzhuan | RuoYi | Medium | 4.3 | 2025-07-20 16:32:06 | Deep Dive |
| CVE-2025-7902 | yangzongzhuan RuoYi SysNoticeController.java addSave cross site scripting | yangzongzhuan | RuoYi | Low | 3.5 | 2025-07-20 16:02:06 | Deep Dive |
| CVE-2025-7901 | yangzongzhuan RuoYi Swagger UI index.html cross site scripting | yangzongzhuan | RuoYi | Medium | 4.3 | 2025-07-20 15:32:05 | Deep Dive |
| CVE-2025-4537 | yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie | yangzongzhuan | RuoYi-Vue | Low | 3.1 | 2025-05-11 09:31:05 | Deep Dive |