CVE-2026-3067
- EPSS 0.09%
- Veröffentlicht 24.02.2026 03:32:07
- Zuletzt bearbeitet 24.02.2026 21:06:26
A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extra...
CVE-2026-3066
- EPSS 0.41%
- Veröffentlicht 24.02.2026 03:02:07
- Zuletzt bearbeitet 24.02.2026 21:05:59
A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scannin...
CVE-2026-3065
- EPSS 0.41%
- Veröffentlicht 24.02.2026 02:32:10
- Zuletzt bearbeitet 24.02.2026 21:05:47
A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results i...
CVE-2026-3064
- EPSS 0.41%
- Veröffentlicht 24.02.2026 02:32:08
- Zuletzt bearbeitet 24.02.2026 21:05:33
A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some unknown functionality of the file ResourceCreateService.java of the component Cloud Task Scheduler. Such manipulation of the argument regionId leads ...
CVE-2025-63721
- EPSS 0.07%
- Veröffentlicht 08.12.2025 00:00:00
- Zuletzt bearbeitet 11.12.2025 15:15:49
HummerRisk thru v1.5.0 is using a vulnerable Snakeyaml component, allowing attackers with normal user privileges to hit the /rule/add API and thereby achieve RCE and take over the server.
CVE-2023-43449
- EPSS 0.17%
- Veröffentlicht 16.01.2024 02:15:28
- Zuletzt bearbeitet 03.06.2025 14:15:29
An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an authenticated attacker to execute arbitrary code via a crafted request to the service/LicenseService component.