CVE-2026-7045 | baomidou dynamic-datasource 2.5.0 StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection (Issue 766)

A vulnerability was found in baomidou dynamic-datasource 2.5.0. It has been classified as critical. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the component StandardEvaluationContext/SpelExpressionParser. This manipulation causes injection.

This vulnerability appears as CVE-2026-7045. The attack may be initiated remotely. There is no available exploit.

It is recommended to apply a patch to fix this issue.

CVE-2026-7045 | baomidou dynamic-datasource 2.5.0 StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection (Issue 766)

Post correlati

CVE-2025-5295 | FreeFloat FTP Server 1.0.0 PORT Command buffer overflow

CVE-2025-11607 | harry0703 MoneyPrinterTurbo up to 1.2.6 API Endpoint music.py upload_music File path traversal

CVE-2026-6649 | Qibo CMS 1.0 /index/image/headers starts server-side request forgery

CVE-2023-53342 | Linux Kernel up to 6.1.45/6.4.10 fib_info_nh state issue