CVE-2026-9580 | JeecgBoot up to 3.9.1 /sys/selectDepart LoginController.selectDepart access control (Issue 9597)

Inserito da Angelo Barbosa | Mag 26, 2026 | CVE

A vulnerability marked as critical has been reported in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls.

This vulnerability is registered as CVE-2026-9580. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-9580 | JeecgBoot up to 3.9.1 /sys/selectDepart LoginController.selectDepart access control (Issue 9597)

Post correlati

CVE-2024-32392 | CmSimple 5.15 functions.php cross site scripting

CVE-2026-27156 | zauberzeug NiceGUI up to 3.7.x API cross site scripting

CVE-2025-41065 | Luna Imaging LUNA 7.5.5.6 cross site scripting

CVE-2024-0860 | Softing edgeConnector/edgeAggregator 3.60 cleartext transmission (icsa-24-074-13)