Medium severity6.3NVD Advisory· Published Dec 18, 2025· Updated Apr 29, 2026
CVE-2025-14856
CVE-2025-14856
Description
A security vulnerability has been detected in y_project RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/ltranquility/CVE/issues/26nvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
- vuldb.comnvd
News mentions
0No linked articles in our index yet.