jeecg

Top products

The 15 most recently published vulnerabilities affecting jeecg.

• CVE-2024-43028A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request.9.8Apr 1, 2026
• CVE-2024-40489There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HT...9.8Apr 1, 2026
• CVE-2026-2945JeecgBoot uploadImgByHttp server-side request forgery6.3Feb 22, 2026
• CVE-2026-2822JeecgBoot Backend airag_app,1,create_by sql injection6.3Feb 20, 2026
• CVE-2026-2555JeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserialization5.0Feb 16, 2026
• CVE-2026-2111JeecgBoot Retrieval-Augmented Generation edit path traversal4.3Feb 7, 2026
• CVE-2026-1746JeecgBoot Online Report API loadDictItemByKeyword sql injection6.3Feb 2, 2026
• CVE-2025-66913JimuReport thru version 2.1.3 is vulnerable to remote code execution when processing user-controlled H2 JDBC URLs. The application passes the attacker-supplied JDBC URL directly to the H2 driver, a...9.8Jan 8, 2026
• CVE-2025-15126JeecgBoot getPositionUserList improper authorization3.1Dec 28, 2025
• CVE-2025-15125JeecgBoot queryDepartPermission improper authorization3.1Dec 28, 2025
• CVE-2025-15124JeecgBoot list getParameterMap improper authorization3.1Dec 28, 2025
• CVE-2025-15123JeecgBoot datarule improper authorization3.1Dec 28, 2025
• CVE-2025-15122JeecgBoot datarule loadDatarule improper authorization3.1Dec 28, 2025
• CVE-2025-15121JeecgBoot getDeptRoleByUserId information disclosure2.4Dec 28, 2025
• CVE-2025-15120JeecgBoot getDeptRoleList improper authorization3.1Dec 28, 2025