CVE-2025-14908

🗓️ 19 Dec 2025 00:32:08Reported by VulDBType

CVE-2025-14908 JeecgBoot up to 3.9.0 has improper authentication in SysTenantController enabling remote exploitation.

Reporter	Title	Published	Views	Family All 7
CNNVD	JeecgBoot 授权问题漏洞	19 Dec 202500:00	–	cnnvd
Cvelist	CVE-2025-14908 JeecgBoot Multi-Tenant Management SysTenantController.java improper authentication	19 Dec 202500:32	–	cvelist
EUVD	EUVD-2025-204433	19 Dec 202503:31	–	euvd
NVD	CVE-2025-14908	19 Dec 202501:16	–	nvd
Positive Technologies	PT-2025-52398	19 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-14908	20 Dec 202501:10	–	redhatcve
Vulnrichment	CVE-2025-14908 JeecgBoot Multi-Tenant Management SysTenantController.java improper authentication	19 Dec 202500:32	–	vulnrichment

NVD

Vulners

Node

jeecg jeecg_bootRange≤3.9.0

[
  {
    "vendor": "n/a",
    "product": "JeecgBoot",
    "versions": [
      {
        "version": "3.0",
        "status": "affected"
      },
      {
        "version": "3.1",
        "status": "affected"
      },
      {
        "version": "3.2",
        "status": "affected"
      },
      {
        "version": "3.3",
        "status": "affected"
      },
      {
        "version": "3.4",
        "status": "affected"
      },
      {
        "version": "3.5",
        "status": "affected"
      },
      {
        "version": "3.6",
        "status": "affected"
      },
      {
        "version": "3.7",
        "status": "affected"
      },
      {
        "version": "3.8",
        "status": "affected"
      },
      {
        "version": "3.9.0",
        "status": "affected"
      }
    ],
    "modules": [
      "Multi-Tenant Management Module"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/jeecgboot/JeecgBoot/issues/9196
vuldb	www.vuldb.com/
github	www.github.com/jeecgboot/JeecgBoot/commit/e1c8f00bf2a2e0edddbaa8119afe1dc92d9dc1d2
vuldb	www.vuldb.com/

29 Apr 2026 01:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.3 - 8.1

CVSS 45.3

CVSS 26.5

CVSS 36.3

EPSS0.00134

SSVC

CWE-287