CVE-2026-3672 in JeecgBootinformation

Résumé

par MITRE • 08/03/2026

A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgation

08/03/2026

Modérer

accepté

Entrée

VDB-349569

CPE

prêt

CWE

CWE-89 (confirmé)

Exploitation

Télécharger

CVSS

6.3 (CNA)

EPSS

0.00039

KEV

non

Activités

très faible

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-3672
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-3672
CVE Details	https://www.cvedetails.com/cve/CVE-2026-3672/

◂ Précédent Aperçu Suivant ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!