CVE-2026-7604 in JeecgBootinformação

Sumário

de MITRE • 02/05/2026

A vulnerability was identified in JeecgBoot up to 3.9.1. This affects the function OpenApiController.add/OpenApiController.call of the file OpenApiController.java of the component OpenApi Service. Such manipulation of the argument originUrl database leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. It is suggested to upgrade the affected component. The vendor confirmed the issue and will provide a fix in the upcoming release.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Divulgação

02/05/2026

Moderação

aceite

Entrada

VDB-360561

CPE

pronto

CWE

CWE-918 (confirmado)

Exploração

Descarregar

CVSS

6.3 (VulDB)

EPSS

0.00055

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7604
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7604
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7604/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!