VYPR
Unrated severityOSV Advisory· Published Dec 8, 2025· Updated Dec 11, 2025

CVE-2025-63721

CVE-2025-63721

Description

HummerRisk thru v1.5.0 is using a vulnerable Snakeyaml component, allowing attackers with normal user privileges to hit the /rule/add API and thereby achieve RCE and take over the server.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Hummerrisk/HummerriskOSV2 versions
    v0.1.0, v0.1.1, v0.1.2, …+ 1 more
    • (no CPE)range: v0.1.0, v0.1.1, v0.1.2, …
    • (no CPE)range: <=1.5.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.