CVE-2026-9580

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.9.2 is sufficient to fix this issue. It is suggested to upgrade the affected component.

Exploit

Fix

Incorrect Privilege Assignment

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-266CWE-284

Related Identifiers

CVE-2026-9580

Affected Products

Undefined

CVE-2026-9580

Weakness Enumeration

Related Identifiers

Affected Products

References · 8