Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

JeecgBoot — Vulnerabilities & Security Advisories 28

All 28 CVE vulnerabilities found in JeecgBoot, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE IDTitleCVSSSeverityPublished
CVE-2026-5999 JeecgBoot SysAnnouncementController improper authorization CWE-285 6.3 Medium2026-04-10
CVE-2026-5616 JeecgBoot AI Chat JeecgBizToolsProvider.java missing authentication CWE-306 7.3 High2026-04-06
CVE-2026-3672 JeecgBoot getDictItems isExistSqlInjectKeyword sql injection CWE-89 6.3 Medium2026-03-07
CVE-2026-2945 JeecgBoot uploadImgByHttp server-side request forgery CWE-918 6.3 Medium2026-02-22
CVE-2026-2822 JeecgBoot Backend airag_app,1,create_by sql injection CWE-89 6.3 Medium2026-02-20
CVE-2026-2555 JeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserialization CWE-502 5.0 Medium2026-02-16
CVE-2026-2111 JeecgBoot Retrieval-Augmented Generation edit path traversal CWE-22 4.3 Medium2026-02-07
CVE-2026-1746 JeecgBoot Online Report API loadDictItemByKeyword sql injection CWE-89 6.3 Medium2026-02-02
CVE-2025-15126 JeecgBoot getPositionUserList improper authorization CWE-285 3.1 Low2025-12-28
CVE-2025-15125 JeecgBoot queryDepartPermission improper authorization CWE-285 3.1 Low2025-12-28
CVE-2025-15124 JeecgBoot list getParameterMap improper authorization CWE-285 3.1 Low2025-12-28
CVE-2025-15123 JeecgBoot datarule improper authorization CWE-285 3.1 Low2025-12-28
CVE-2025-15122 JeecgBoot datarule loadDatarule improper authorization CWE-285 3.1 Low2025-12-28
CVE-2025-15121 JeecgBoot getDeptRoleByUserId information disclosure CWE-200 2.4 Low2025-12-28
CVE-2025-15120 JeecgBoot getDeptRoleList improper authorization CWE-285 3.1 Low2025-12-28
CVE-2025-15119 JeecgBoot list queryPageList improper authorization CWE-285 3.1 Low2025-12-28
CVE-2025-14909 JeecgBoot SysUserOnlineController.java SysUserOnlineController user session CWE-1018 4.3 Medium2025-12-19
CVE-2025-14908 JeecgBoot Multi-Tenant Management SysTenantController.java improper authentication CWE-287 6.3 Medium2025-12-19
CVE-2025-10981 JeecgBoot exportXls improper authorization CWE-285 4.3 Medium2025-09-26
CVE-2025-10980 JeecgBoot exportXls improper authorization CWE-285 4.3 Medium2025-09-25
CVE-2025-10979 JeecgBoot exportXls improper authorization CWE-285 4.3 Medium2025-09-25
CVE-2025-10978 JeecgBoot Filter exportXls improper authorization CWE-285 4.3 Medium2025-09-25
CVE-2025-10977 JeecgBoot deleteBatch improper authorization CWE-285 3.1 Low2025-09-25
CVE-2025-10976 JeecgBoot getDepartUserList improper authorization CWE-285 3.1 Low2025-09-25
CVE-2025-10707 JeecgBoot sendMsg improper authorization CWE-285 6.3 Medium2025-09-19
CVE-2025-10319 JeecgBoot Tenant Log Export exportLog improper authorization CWE-285 4.3 Medium2025-09-12
CVE-2025-10318 JeecgBoot WebSocket Message sendWebSocketMsg improper authorization CWE-285 6.3 Medium2025-09-12
CVE-2025-4533 JeecgBoot Document Library Upload zip unzipFile resource consumption CWE-400 2.7 Low2025-05-11

All 28 known CVE vulnerabilities affecting JeecgBoot with full Chinese analysis, references, and POCs where available.