CVE-2026-5999 | JeecgBoot up to 3.9.1 SysAnnouncementController improper authorization (Issue 9508)

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability classified as critical was found in JeecgBoot up to 3.9.1. This impacts an unknown function of the component SysAnnouncementController. Such manipulation leads to improper authorization.

This vulnerability is uniquely identified as CVE-2026-5999. The attack can be launched remotely. Moreover, an exploit is present.

The vendor confirmed the issue and will provide a fix in the upcoming release.

CVE-2026-5999 | JeecgBoot up to 3.9.1 SysAnnouncementController improper authorization (Issue 9508)

Post correlati

CVE-2024-9440 | Slim Select up to 2.9.0 select.ts:createOption text cross site scripting

CVE-2024-34799 | Repute Infosystems BookingPress Plugin up to 1.0.82 on WordPress authorization

CVE-2024-11061 | Tenda AC10 16.03.10.13 fast_setting_wifi_set FUN_0044db3c timeZone stack-based overflow

CVE-2024-5834 | Google Chrome prior 126.0.6478.54 Dawn Remote Code Execution (ID 342840)