CVE-2026-9374 in RuoYi-Vueالمعلومات

الملخص

بحسب MITRE • 24/05/2026

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulDB

إفشاء

24/05/2026

الاعتدال

تمت الموافقة

إدخال

VDB-365338

CPE

جاهز

CWE

CWE-434 (مؤكد)

CVSS

6.3 (VulDB)

EPSS

0.00035

KEV

لا

النشاطات

منخفض

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-9374
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-9374
CVE Details	https://www.cvedetails.com/cve/CVE-2026-9374/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!