Lamp Cloud
Approved changes feed: RSS · Atom
cpe:2.3:a:dromara:lamp-cloud:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Dromara (b947c778-a342-54de-aeca-3412ce9a5af8) |
|---|---|
| Product | Lamp Cloud (5e208908-4183-583b-8422-d82c41165c6f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-9498 |
vulnerable | 2026-06-08 08:08:59.002363 |
Dromara lamp-cloud Message Template GroovyClassLoader.parseClass special elements used in a template engine
MEDIUM (6.3)
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engine. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-25T20:00:18.474Z
Updated: 2026-05-28T15:44:33.709Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-5529 |
vulnerable | 2026-06-08 08:07:03.796566 |
Dromara lamp-cloud DefUserController pageUser improper authorization
MEDIUM (4.3)
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-04-05T00:15:13.302Z
Updated: 2026-04-06T19:11:19.646Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.