Browse all 4 CVE security advisories affecting rymcu. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Rymcu primarily develops embedded systems and IoT firmware for various industrial applications. Historically, the organization's products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by their four recorded CVEs. Security researchers have identified weak input validation, insufficient authentication mechanisms, and insecure default configurations as recurring problems. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in their firmware suggests potential risks for deployed devices, particularly in environments where network segmentation is inadequate.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-2947 | rymcu forest User Profile UserInfoController.java updateUserInfo cross site scripting — forestCWE-79 | 3.5 | Low | 2026-02-22 |
| CVE-2026-2946 | rymcu forest Article Content/Comments/Portfolio XssUtils.java XssUtils.replaceHtmlCode cross site scripting — forestCWE-79 | 3.5 | Low | 2026-02-22 |
| CVE-2025-12925 | rymcu forest UserDicController.java deleteDic authorization — forestCWE-862 | 7.3 | High | 2025-11-10 |
| CVE-2025-12924 | rymcu forest BankController.java GlobalResult authorization — forestCWE-862 | 4.3 | Medium | 2025-11-10 |
This page lists every published CVE security advisory associated with rymcu. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.