CVE-2026-2822

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L                                    

Vulnerability Description

A security vulnerability has been detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file /jeecgboot/sys/dict/loadDict/airag_app,1,create_by of the component Backend Interface. Such manipulation of the argument keyword leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Vulnerability Details

Published Date

February 20, 2026

Last Modified

February 24, 2026

CWE ID

CWE-74

Source

NVD

Vendor

jeecg

Product

jeecg_boot

External References

https://vuldb.com/?ctiid.346947
https://vuldb.com/?id.346947
https://vuldb.com/?submit.753792
https://www.yuque.com/meizhiyuwai/ha3yxb/lowxgbh5nne881e6

CVE-2026-2822

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment