CNNVD-202511-906 Information

CNNVD ID

CNNVD-202511-906

Related CVE

CVE-2025-63617

• CNNVD Published: 2025-11-10

Description (Chinese)

ktg-mes（苦糖果MES）是中国心笑峰（kutangguo）个人开发者的一个生产执行管理系统。 ktg-mes存在安全漏洞，该漏洞源于使用了存在漏洞的fastjson版本且反序列化不安全输入数据。

Description (English)

ktg-mes (Poor Candy MES) is a production implementation management system for personal developers of kutangguo in China. There is a security loophole in ktg-mes, which stems from the use of a lacuna fastjson version and the inverse sequenced unsafe input data.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-10

Last Modified

2026-02-24

References

https://gist.github.com/ChangeYourWay/8651679a2155269bccf520fcb34fc661 https://github.com/ChangeYourWay/post/blob/main/ktg-mes.md