
We found results for “”
CVE-2025-56769
Good to know:


Date: September 24, 2025
An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version cn.hutool:hutool-extra:5.8.40;cn.hutool:hutool-all:5.8.40;https://github.com/chinabugotech/hutool.git - 5.8.40
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |