{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7045", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-25T16:10:12.081Z", "datePublished": "2026-04-26T13:45:15.529Z", "dateUpdated": "2026-04-27T20:11:33.625Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-26T13:45:15.529Z"}, "title": "baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-707", "lang": "en", "description": "Improper Neutralization"}]}], "affected": [{"vendor": "baomidou", "product": "dynamic-datasource", "versions": [{"version": "2.5.0", "status": "affected"}], "modules": ["StandardEvaluationContext/SpelExpressionParser"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the component StandardEvaluationContext/SpelExpressionParser. This manipulation causes injection. The attack may be initiated remotely. Patch name: 273fcedaee984c08197c0890f14190b86ab7e0b8. It is recommended to apply a patch to fix this issue."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C"}}], "timeline": [{"time": "2026-04-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-25T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-25T18:15:17.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Winegee (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/359624", "name": "VDB-359624 | baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359624/cti", "name": "VDB-359624 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/798600", "name": "Submit #798600 | baomidou dynamic-datasource 2.5.0+ SpEL Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/baomidou/dynamic-datasource/issues/766", "tags": ["issue-tracking"]}, {"url": "https://github.com/baomidou/dynamic-datasource/pull/767", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/baomidou/dynamic-datasource/commit/273fcedaee984c08197c0890f14190b86ab7e0b8", "tags": ["patch"]}, {"url": "https://github.com/baomidou/dynamic-datasource/", "tags": ["product"]}], "tags": ["x_open-source"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T20:11:21.278866Z", "id": "CVE-2026-7045", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T20:11:33.625Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-7045", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-27T20:11:21.278866Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T20:11:27.571Z"}}], "cna": {"tags": ["x_open-source"], "title": "baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection", "credits": [{"lang": "en", "type": "reporter", "value": "Winegee (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C"}}], "affected": [{"vendor": "baomidou", "modules": ["StandardEvaluationContext/SpelExpressionParser"], "product": "dynamic-datasource", "versions": [{"status": "affected", "version": "2.5.0"}]}], "timeline": [{"lang": "en", "time": "2026-04-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-25T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-25T18:15:17.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/359624", "name": "VDB-359624 | baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359624/cti", "name": "VDB-359624 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/798600", "name": "Submit #798600 | baomidou dynamic-datasource 2.5.0+ SpEL Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/baomidou/dynamic-datasource/issues/766", "tags": ["issue-tracking"]}, {"url": "https://github.com/baomidou/dynamic-datasource/pull/767", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/baomidou/dynamic-datasource/commit/273fcedaee984c08197c0890f14190b86ab7e0b8", "tags": ["patch"]}, {"url": "https://github.com/baomidou/dynamic-datasource/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the component StandardEvaluationContext/SpelExpressionParser. This manipulation causes injection. The attack may be initiated remotely. Patch name: 273fcedaee984c08197c0890f14190b86ab7e0b8. It is recommended to apply a patch to fix this issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-707", "description": "Improper Neutralization"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-26T13:45:15.529Z"}}}, "cveMetadata": {"cveId": "CVE-2026-7045", "state": "PUBLISHED", "dateUpdated": "2026-04-27T20:11:33.625Z", "dateReserved": "2026-04-25T16:10:12.081Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-26T13:45:15.529Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the component StandardEvaluationContext/SpelExpressionParser. This manipulation causes injection. The attack may be initiated remotely. Patch name: 273fcedaee984c08197c0890f14190b86ab7e0b8. It is recommended to apply a patch to fix this issue."}], "id": "CVE-2026-7045", "lastModified": "2026-04-27T18:50:06.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-26T22:17:32.233", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/baomidou/dynamic-datasource/"}, {"source": "cna@vuldb.com", "url": "https://github.com/baomidou/dynamic-datasource/commit/273fcedaee984c08197c0890f14190b86ab7e0b8"}, {"source": "cna@vuldb.com", "url": "https://github.com/baomidou/dynamic-datasource/issues/766"}, {"source": "cna@vuldb.com", "url": "https://github.com/baomidou/dynamic-datasource/pull/767"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/798600"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359624"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359624/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-707"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.5.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "dynamic-datasource", "source": "cna", "vendor": "baomidou"}, "product": "dynamic-datasource", "vendor": "baomidou"}], "analysis": {"en": {"generated_at": "2026-04-28T05:07:23.508115+00:00", "value": {"mitigation_remediation": ["Apply the recent patch identified by commit 273fcedaee984c08197c0890f14190b86ab7e0b8 to the Baomidou dynamic-datasource library.", "Upgrade the library to a later version that incorporates the fix if newer releases are available.", "If an upgrade is not immediately feasible, sanitize all user-supplied expressions and restrict the SpEL parser to a whitelist of allowed expressions or disable SpEL usage where possible."], "summary": {"action": "Immediate Patch", "impact": "Injection (potential remote code execution)"}, "threat_synthesis": {"affected_systems": "Systems that include Baomidou dynamic-datasource library version 2.5.0 are affected. This includes projects that use the dynamic-datasource-spring component and rely on the SpelExpressionParser for determining data sources at runtime.", "description_and_impact": "The vulnerability resides in Baomidou dynamic-datasource 2.5.0, specifically within the DsSpelExpressionProcessor#doDetermineDatasource method that utilizes Spring\u2019s StandardEvaluationContext and SpelExpressionParser. An attacker who can supply a crafted SpEL expression can cause that expression to be evaluated by the application\u2019s context, leading to an injection flaw that may allow arbitrary code execution or other unintended behavior. The flaw exists because user-controlled data can be injected into a SpEL expression without proper validation or sandboxing.", "risk_and_exploitability": "The CVSS score of 5.3 marks the issue as moderate in severity, while the EPSS score of less than 1% indicates a low probability of exploitation at this time. The flaw is listed as not appearing in CISA\u2019s KEV catalog. The attack vector is remote, with an attacker able to inject malicious expressions over the network if the application exposes the relevant API endpoints. Once injected, a SpEL expression can execute code within the permissions of the Java process, thereby creating a significant risk if the application runs with elevated privileges."}}}}, "created": "2026-04-27T19:51:59.233426+00:00", "updated": "2026-04-28T05:15:22.939619+00:00", "vendors": ["baomidou", "baomidou$PRODUCT$dynamic-datasource"]}