Back to overview

CVE-2026-38812

Description

RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information.

Metadata

CVE ID: CVE-2026-38812
State: PUBLISHED
Assigner: mitre
Reserved: 2026-04-06 00:00 UTC
Published: 2026-06-15 00:00 UTC
Last updated: 2026-06-15 18:53 UTC
Vendor / Product: n/a / n/a
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (1)

Vendor	Product	Platform	Versions
n/a	n/a	—	n/a

Weakness (CWE)

CWE	Source	Description
—	cna	n/a

References (1)

https://github.com/jjcjgo/CVE-2026-38812-RuoYi-SQL-Injection

Back to overview