VIR Vulnerability Intelligence Relay

CVE-2025-7789

low
Published 2025-07-18 · Modified 2026-05-07
CVSS v3
3.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS v2
2.6
VIR risk
3.7

Description

xxl-job has Inadequate Encryption Strength

Predictions

Exploit likelihood
47%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cna@vuldb.com — https://github.com/xuxueli/xxl-job/issues/3751

Package impact
EcosystemPackageVulnerableFixed
java Mavencom.xuxueli:xxl-job-admin<3.2.03.2.0
java MAVENcom.xuxueli:xxl-job-admin<= 3.1.13.2.0

Application impact
VendorProductVersionsFixed
xuxuelixxl-job{"endIncluding":"3.1.1"}

References

CWEs

CWE-326 CWE-916

Verify integrity in audit chain (admin only). AS-IS.