CVE-2026-8196

Name of the Vulnerable Software and Affected Versions JeecgBoot version 3.9.1

Description A flaw in the 'mLogin' endpoint within the LoginController.java file of the jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ component allows for remote authorization bypass. This issue is characterized by high complexity and difficult exploitability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.