CVE 9.4 CRITICAL

CVE-2025-66916_CVE-2025-66916

January 8, 2026 invoker category_cve

9.4 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Description

The snailjob component in RuoYi-Vue-Plus versions 5.5.1 and earlier, interface /snail-job/workflow/check-node-expression can execute QLExpress expressions, but it does not filter user input, allowing attackers to use the File class to perform arbitrary file reading and writing.

AI Analysis

Arbitrary file reading and writing vulnerability in RuoYi-Vue-Plus due to unfiltered QLExpress expressions

Basic Information

ID CVE-2025-66916

Source mitre

Published Jan 8, 2026 at 00:00

Modified Jan 8, 2026 at 19:53

Affected Product

Vendor Dromara

Product RuoYi-Vue-Plus

Version 5.5.1

Affected Versions n/a n/a n/a

CWE Classification

CWE-94

AI Assessment

AI Score 9.4 / 10

AI Severity Critical

Vendor Dromara

Product RuoYi-Vue-Plus

Version 5.5.1

References

{
    "lastseen": "",
    "description": "The snailjob component in RuoYi-Vue-Plus versions 5.5.1 and earlier, interface /snail-job/workflow/check-node-expression can execute QLExpress expressions, but it does not filter user input, allowing attackers to use the File class to perform arbitrary file reading and writing.",
    "published": "2026-01-08T00:00:00.000Z",
    "modified": "2026-01-08T19:53:34.562Z",
    "type": "cve",
    "title": "CVE-2025-66916",
    "source": "mitre",
    "references": "https://gitee.com/dromara/RuoYi-Vue-Plus\nhttps://github.com/Catherines77/code-au/blob/main/ruoyi-vue-plus/QLExpress.md\nhttps://gist.github.com/Catherines77/e3f06b9c4cc6298579e858088a243c3d",
    "id": "CVE-2025-66916",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.4,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RuoYi-Vue-Plus",
    "version": "5.5.1",
    "vendor": "Dromara",
    "ai_description": "Arbitrary file reading and writing vulnerability in RuoYi-Vue-Plus due to unfiltered QLExpress expressions",
    "ai_severity": "Critical",
    "ai_vendor": "Dromara",
    "ai_product": "RuoYi-Vue-Plus",
    "ai_version": "5.5.1",
    "ai_score": 9.4
}

💭 Join the Security Discussion ❌ Cancel Reply