cbcvebase.

Ageerle Ruoyi-Ai vulnerabilities

3 known vulnerabilities affecting ageerle/ruoyi-ai.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3

Vulnerabilities

Page 1 of 1
CVE-2025-6466P2CRITICALCVSS 9.8fixed in 2.0.1v2.0.02025-06-22
CVE-2025-6466 [CRITICAL] CWE-284 CVE-2025-6466: A vulnerability was found in ageerle ruoyi-ai 2.0.0 and classified as critical. Affected by this iss A vulnerability was found in ageerle ruoyi-ai 2.0.0 and classified as critical. Affected by this issue is the function speechToTextTranscriptionsV2/upload of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/service/impl/SseServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launch
nvd
CVE-2025-3199P2CRITICALCVSS 9.8v2.0.0v2.0.12025-04-04
CVE-2025-3199 [CRITICAL] CWE-266 CVE-2025-3199: A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by th A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java of the component API Interface. The manipulation leads to improper authorization. The attack may be
nvd
CVE-2025-3202P3CRITICALCVSS 9.1fixed in 2.0.1v2.02025-04-04
CVE-2025-3202 [CRITICAL] CWE-266 CVE-2025-3202: A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is a A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been d
nvd
Ageerle Ruoyi-Ai vulnerabilities | cvebase