CVE-2025-70986

Description

Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data.

PUBLISHED Reserved 2026-01-09 | Published 2026-01-23 | Updated 2026-01-23 | Assigner mitre

References

github.com/yangzongzhuan/RuoYi

gitee.com/y_project/RuoYi

gitee.com/y_project/RuoYi/issues/IDIDME

gist.github.com/old6ma/779320a98f361c299ca024521cb72db6

cve.org (CVE-2025-70986)

nvd.nist.gov (CVE-2025-70986)

Download JSON