Dromara Ruoyi-vue-plus — known CVE vulnerabilities
Every CVE whose affected-product data names Dromara Ruoyi-vue-plus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-66916 — CVSS 9.4 (critical): The snailjob component in RuoYi-Vue-Plus versions 5.5.1 and earlier, interface /snail-job/workflow/check-node-expression can execute…
CVE-2025-6925 — CVSS 5.3 (medium): A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown…