CVE-2026-7710 | YunaiV yudao-cloud up to 3.8.0 Ruoyi-Vue-Pro JwtAuthenticationTokenFilter.java doFilterInternal mock-token improper authentication

A vulnerability was found in YunaiV yudao-cloud up to 3.8.0. It has been rated as critical. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation of the argument mock-token results in improper authentication.

This vulnerability is known as CVE-2026-7710. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-7710 | YunaiV yudao-cloud up to 3.8.0 Ruoyi-Vue-Pro JwtAuthenticationTokenFilter.java doFilterInternal mock-token improper authentication

Post correlati

CVE-2023-53817 | Linux Kernel up to 6.5.4 crypto mpi_cmp_ui null pointer dereference

CVE-2024-39820 | Zoom Workplace Desktop App on macOS uncontrolled search path (ZSB-24027)

CVE-2025-8470 | SourceCodester Online Hotel Reservation System 1.0 /admin/deleteroom.php ID sql injection

CVE-2024-38533 | matter-labs era-compiler-vyper up to 1.4.x out-of-bounds write (GHSA-q7pg-6jh9-87gv)