CVE-2025-66916

critical

Description

The snailjob component in RuoYi-Vue-Plus versions 5.5.1 and earlier, interface /snail-job/workflow/check-node-expression can execute QLExpress expressions, but it does not filter user input, allowing attackers to use the File class to perform arbitrary file reading and writing.

References

https://github.com/Catherines77/code-au/blob/main/ruoyi-vue-plus/QLExpress.md

https://gitee.com/dromara/RuoYi-Vue-Plus

https://gist.github.com/Catherines77/e3f06b9c4cc6298579e858088a243c3d

Details

Source: Mitre, NVD

Published: 2026-01-08

Updated: 2026-01-08

Risk Information

CVSS v2

Base Score: 9.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:P

Severity: High

CVSS v3

Base Score: 9.4

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Severity: Critical

EPSS

EPSS: 0.00044