VYPR
Medium severity6.3NVD Advisory· Published Dec 18, 2025· Updated Apr 29, 2026

CVE-2025-14856

CVE-2025-14856

Description

A security vulnerability has been detected in y_project RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.

CVE-2025-14856 · Medium · VYPR