Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

YunaiV — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting YunaiV. AI-powered Chinese analysis, POCs, and references for each vulnerability.

YunaiV is an open-source virtualization platform primarily used for creating and managing virtual machines and containers. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 12 recorded CVEs. The platform's security posture has been compromised through insufficient input validation and improper access controls, leading to several high-severity exploits. Notable incidents include cases where unauthenticated attackers could execute arbitrary code or gain elevated system privileges, highlighting ongoing challenges in secure configuration and regular patch management.

Top products by YunaiV: yudao-cloud ruoyi-vue-pro
CVE IDTitleCVSSSeverityPublished
CVE-2026-7710 YunaiV yudao-cloud Ruoyi-Vue-Pro JwtAuthenticationTokenFilter.java doFilterInternal improper authentication — yudao-cloudCWE-287 7.3 High2026-05-03
CVE-2026-7679 YunaiV yudao-cloud OAuth2TokenServiceImpl.java getAccessToken improper authentication — yudao-cloudCWE-287 7.3 High2026-05-03
CVE-2026-7678 YunaiV yudao-cloud GoViewDataServiceImpl.java getDataBySQL sql injection — yudao-cloudCWE-89 6.3 Medium2026-05-03
CVE-2026-5148 YunaiV yudao-cloud page sql injection — yudao-cloudCWE-89 4.7 Medium2026-03-30
CVE-2026-5147 YunaiV yudao-cloud get-by-website sql injection — yudao-cloudCWE-89 7.3 High2026-03-30
CVE-2025-15098 YunaiV yudao-cloud Business Process Management BpmSyncHttpRequestTrigger server-side request forgery — yudao-cloudCWE-918 6.3 Medium2025-12-26
CVE-2025-10988 YunaiV ruoyi-vue-pro transfer improper authorization — ruoyi-vue-proCWE-285 6.3 Medium2025-09-26
CVE-2025-10987 YunaiV yudao-cloud HTTP Request transfer improper authorization — yudao-cloudCWE-285 6.3 Medium2025-09-26
CVE-2025-10278 YunaiV ruoyi-vue-pro transfer improper authorization — ruoyi-vue-proCWE-285 6.3 Medium2025-09-12
CVE-2025-10277 YunaiV yudao-cloud submit improper authorization — yudao-cloudCWE-285 6.3 Medium2025-09-12
CVE-2025-10276 YunaiV ruoyi-vue-pro transfer improper authorization — ruoyi-vue-proCWE-285 6.3 Medium2025-09-12
CVE-2025-10275 YunaiV yudao-cloud transfer improper authorization — yudao-cloudCWE-285 6.3 Medium2025-09-12

This page lists every published CVE security advisory associated with YunaiV. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.