CNNVD-202601-1804 Information

CNNVD ID

CNNVD-202601-1804

Related CVE

CVE-2026-22786

• CNNVD Published: 2026-01-12

Description (Chinese)

Gin-Vue-Admin是flipped-aurora开源的一个基于 Vue 和 Gin 开发的全栈前开发基础平台。 Gin-vue-admin v2.8.7及之前版本存在代码问题漏洞，该漏洞源于断点续传上传功能存在路径遍历，可能导致攻击者在任意目录上传任意文件。

Description (English)

Gin-Vue-Admin is a foundation platform for all-canton development based on Vue and Gin. Gin-vue-admin v2.8.7 and previous versions had a code problem loophole, which stemmed from the fact that there was a path to upload at breakpoints, which could lead to the attackers uploading any file in any directory.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

flipped-aurora

Published

2026-01-12

Last Modified

2026-02-24

References

https://github.com/flipped-aurora/gin-vue-admin/commit/2242f5d6e133e96d1b359ac019bf54fa0e975dd5 https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-3558-j79f-vvm6

Patch

https://github.com/flipped-aurora/gin-vue-admin/releases