CVE-2026-7604

A vulnerability was identified in JeecgBoot up to 3.9.1. This affects the function OpenApiController.add/OpenApiController.call of the file OpenApiController.java of the component OpenApi Service. Such manipulation of the argument originUrl database leads to server-side request forgery. It is...

EUVD-2026-26739

A vulnerability was identified in JeecgBoot up to 3.9.1. This affects the function OpenApiController.add/OpenApiController.call of the file OpenApiController.java of the component OpenApi Service. Such manipulation of the argument originUrl database leads to server-side request forgery. It is...

PT-2026-36571

Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.2 Description An issue in the OpenApi Service component allows remote attackers to perform server-side request forgery SSRF, a flaw where the server is coerced into making unintended requests. This occurs throug...

JeecgBoot 代码问题漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.1 and earlier have code vulnerabilities. These vulnerabilities stem from improper handling of parameters in the OpenApiController.add/OpenApiController.call...