CVE-2025-56816

EPSS 2.01% · P84 Updated Sep 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-56816

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load() or loadAs() method without input sanitization. This allows deserialization of attacker-controlled YAML content, leading to arbitrary class instantiation. Under certain conditions, this can be exploited to achieve remote code execution (RCE).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

datart 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

datart是running-elephant开源的一个数据可视化开放平台。 datart 1.0.0-rc.3版本存在安全漏洞，该漏洞源于配置文件处理不当，可能导致路径遍历和远程代码执行。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2025-56816

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-56816

请登录查看更多情报信息。

Same Patch Batch · n/a · 2025-09-24 · 25 CVEs total

CVE-2025-57349		messageformat 安全漏洞
CVE-2025-57319		fast-redact 安全漏洞
CVE-2025-57318		csvjson 安全漏洞
CVE-2025-57323		Regularjs 安全漏洞
CVE-2025-57324		parse-server 安全漏洞
CVE-2025-57321		magix-combine 安全漏洞
CVE-2025-57327		spmrc 安全漏洞
CVE-2025-57330		Web3.js 安全漏洞
CVE-2025-57328		toggle-array 安全漏洞
CVE-2025-57326		SassDoc Extras 安全漏洞
CVE-2025-57325		Rollbar.js 安全漏洞
CVE-2025-57320		json-schema-editor-vue 安全漏洞
CVE-2025-56815		datart 安全漏洞
CVE-2025-57329		Web3.js 安全漏洞
CVE-2025-57347		dagre-d3-es 安全漏洞
CVE-2025-57351		ts-fns 安全漏洞
CVE-2025-57348		Cube 安全漏洞
CVE-2025-57350		CSVTOJSON 安全漏洞
CVE-2025-57354		Counterpart 安全漏洞
CVE-2025-57353		messageformat 安全漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2025-56816

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-56816

I. Basic Information for CVE-2025-56816

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-56816

III. Intelligence Information for CVE-2025-56816

Same Patch Batch · n/a · 2025-09-24 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-56816

Leave a comment