CVE-2026-7710

Daily digests

The JWT authentication filter in yudao-cloud (Ruoyi-Vue-Pro) can be bypassed by manipulating the mock-token parameter. An attacker can remotely authenticate as any user without valid credentials. A public exploit is available, and the vendor has not responded to disclosure. No patch exists.

• Daily Digest · May 4, 2026

  GoBGP crashes, Prefect + MindsDB unpatched exploits