Path Traversal in Taoofagi Easegen-admin
CVE-2026-4285
A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/ioco…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.001 (23.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 2.7 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Taoofagi Easegen-admin — versions 8f87936ac774065b92fb20aab55b274a6ea76433
Weakness classification (CWE)
References
- VDB-351291 | taoofagi easegen-admin Pdf2MdUtil.java recognizeMarkdown path traversal (technical-description, vdb-entry)
- VDB-351291 | CTI Indicators (IOB, IOC, TTP, IOA) (signature, permissions-required)
- Submit #771950 | taoofagi easegen-admin 2.3.0 Path Traversal (third-party-advisory)
- cna@vuldb.com (exploit)
Frequently asked questions
- What is CVE-2026-4285?
- CVE-2026-4285 is a low-severity vulnerability in Taoofagi Easegen-admin, classified under Path Traversal. CVSS score: 2.7/10. Published 2026-03-17.
- How severe is CVE-2026-4285?
- Low severity. CVSS v3 base score is 2.7 out of 10.