Unrated severityNVD Advisory· Published Dec 22, 2025· Updated Dec 22, 2025
CVE-2025-66735
CVE-2025-66735
Description
youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles.
Affected products
2- youlai-boot/youlai-bootdescription
- Range: = 2.21.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.