CVE-2025-56816 (HIGH 8.8, EPSS percentile 65.1%)

Description

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load() or loadAs() method without input sanitization. This allows deserialization of attacker-controlled YAML content, leading to arbitrary class instantiation. Under certain conditions, this can be exploited to achieve remote code execution (RCE).

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 1.23% probability of exploitation · percentile 65.1% · 2026-06-18T12:00:27Z
Published: 2025-09-24
Last modified: 2025-10-10

Underlying weaknesses (2)

CWE-22, CWE-502

References

  1. https://github.com/running-elephant/datart
  2. https://github.com/xiaoxiaoranxxx/CVE-2025-56815

Weakness mappings (2)

Type     | Target                                                                        | Confidence | Tier
Weakness | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (cwe-22) | 0%   | live
Weakness | Deserialization of Untrusted Data (cwe-502)                                   | 0%         | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-70828
CVE: CVE-2025-56819
CVE: CVE-2025-70830
CVE: CVE-2025-59171
CVE: CVE-2025-10438
CVE: CVE-2024-6445
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.