CVE-2026-7603 in JeecgBootinfo

Zusammenfassung

von MITRE • 02.05.2026

A vulnerability was determined in JeecgBoot up to 3.9.1. Affected by this issue is the function checkPathTraversalBatch of the file FileDownloadUtils.jav of the component LoadFile Endpoint. This manipulation of the argument files causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The affected component should be upgraded. The vendor confirmed the issue and will provide a fix in the upcoming release.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

02.05.2026

Moderieren

akzeptiert

Eintrag

VDB-360560

CPE

bereit

CWE

CWE-918 (bestätigt)

Exploit

Download

CVSS

6.3 (VulDB)

EPSS

0.00018

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7603
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7603
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7603/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!