CVE-2026-7604 in JeecgBootИнформация

Сводка

по MITRE • 02.05.2026

A vulnerability was identified in JeecgBoot up to 3.9.1. This affects the function OpenApiController.add/OpenApiController.call of the file OpenApiController.java of the component OpenApi Service. Such manipulation of the argument originUrl database leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. It is suggested to upgrade the affected component. The vendor confirmed the issue and will provide a fix in the upcoming release.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulDB

Раскрытие

02.05.2026

Модерация

принято

Вход

VDB-360561

CPE

готов

CWE

CWE-918 (Подтверждённый)

Эксплойт

Скачать

CVSS

6.3 (VulDB)

EPSS

0.00055

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7604
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7604
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7604/

◂ Предыдущий Обзор Далее ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!