What is CVE-2025-56769?

CVE-2025-56769 is a publicly disclosed cybersecurity vulnerability with a MEDIUM severity rating and CVSS score of 6.5.

How to search for CVE vulnerabilities?

You can search the 4nuxd CVE database using CVE IDs, vendor names, product names, or severity levels.

CVE-2025-56769

MEDIUM6.5/ 10.0

Published: September 25, 2025 at 11:15 PM

Modified: October 3, 2025 at 06:37 PM

Source: cve@mitre.org

Vulnerability Description

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.

CVSS Metrics

Base Score

6.5

Severity

MEDIUM

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Weaknesses (CWE)

CWE-77

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References & Intelligence

https://github.com/chinabugotech/hutool/issues/3994

Source: cve@mitre.org

ExploitIssue TrackingPatch

Related Resources

Browse CVE Database

Search 294,000+ vulnerabilities

CVEs from 2025

View all vulnerabilities this year

CWE Database

Explore weakness categories

Security Writeups

Learn from real-world examples

About 4nuxd

Cybersecurity research & tools

Homepage

Explore more security resources