CVE-2026-10771 in crmeb_javainformación

Resumen

por MITRE • 2026-06-04

A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate.getForEntity of the file crmeb-common/src/main/java/com/zbkj/common/utils/RestTemplateUtil.java of the component base64 Qrcode Endpoint. The manipulation of the argument url results in server-side request forgery. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgación

2026-06-04

Moderación

aceptado

Artículo

VDB-368137

CPE

listo

CWE

CWE-918 (confirmado)

Explotación

Descargar

CVSS

7.3 (VulDB)

EPSS

0.00045

KEV

Actividades

medio

Sector

Telecommunication, Chemical, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-10771
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-10771
CVE Details	https://www.cvedetails.com/cve/CVE-2026-10771/

◂ Anterior Visión De Conjunto Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!