cvedb.io
CVE-2025-66410
CRITICAL · CVSS 9.1
EPSS exploitation probability: 0%
Published 2025-12-01T23:15:53.730 · Last modified 2026-06-17T09:56:47.440

Summary

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.

Affected products

gin-vue-admin_project — gin-vue-admin

Does this affect you?

Add your gear to cvedb and we'll alert you only when gin-vue-admin_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.