Security Advisory

CVE-2026-9374

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-24 10:30:10

Last updated 2026-05-24 10:30:10

Assigner VulDB

State PUBLISHED

Description

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way.

← Browse all CVEs View on cve.org ↗