dromara Exploited Vulnerabilities

Dromara vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.

JSON RSS CSV 🔔 Create Alert Trigger

Authorization Bypass in RuoYi-Vue-Plus Workflow Management
CVE-2026-58176
DromaraRuoyi-vue-plus👾🟡7.1HIGH
Remote Code Execution Vulnerability in Dromara Lamp-Cloud
CVE-2026-9498
DromaraLamp-cloud👾🟡5.3MEDIUM
SQL Injection Vulnerability in Dromara MaxKey Software
CVE-2026-7699
DromaraMaxkey👾🟡5.3MEDIUM
Code Injection Vulnerability in Dromara Warm-Flow Product
CVE-2026-6125
DromaraWarm-flow👾🟡5.3MEDIUM
Improper Authorization in Dromara Lamp-Cloud Affects Remote User Management
CVE-2026-5529
DromaraLamp-cloud👾🟡5.3MEDIUM
Remote Code Injection Vulnerability in Dromara UJCMS Product
CVE-2026-2954
DromaraUjcms👾🟡5.3MEDIUM
Path Traversal Vulnerability in Dromara UJCMS 101.2
CVE-2026-2953
DromaraUjcms👾🟡5.3MEDIUM
Deserialization Vulnerability in Dromara Sa-Token by Dromara
CVE-2025-15222
DromaraSa-token👾🟡2.3LOW
Injection Vulnerability in Dromara DataCompare JDBC URL Handler of Dromara
CVE-2025-13268
DromaraDatacompare👾🟡5.3MEDIUM