Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
9DescriptionCVE.org
A vulnerability was determined in JeecgBoot up to 3.9.1. Impacted is the function SqlInjectionUtil of the file jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java of the component loadDict Endpoint. This manipulation of the argument keyword causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Patch name: a9c8e8eb1185751c4c3c68d2a53f3dadee9edc6b. To fix this issue, it is recommended to deploy a patch.
AnalysisAI
SQL injection in JeecgBoot up to version 3.9.1 allows authenticated remote attackers to execute arbitrary SQL commands through the loadDict endpoint by manipulating the keyword parameter in the SqlInjectionUtil function. The vulnerability has a CVSS score of 6.3 with network-accessible attack vector, and publicly available exploit code exists; patch availability is confirmed via GitHub commit a9c8e8eb1185751c4c3c68d2a53f3dadee9edc6b.
Technical ContextAI
JeecgBoot is a Java-based low-code rapid development framework. The vulnerability exists in the SqlInjectionUtil class within jeecg-boot-base-core, specifically in the loadDict endpoint handler. The root cause is improper input validation and parameterization of SQL queries (CWE-89), allowing an attacker to inject arbitrary SQL syntax through the keyword parameter. The affected component processes dictionary loading requests, a common operation in database-driven applications, making this endpoint frequently exposed in typical JeecgBoot deployments.
RemediationAI
Deploy the patched version containing commit a9c8e8eb1185751c4c3c68d2a53f3dadee9edc6b, available via GitHub pull request #9493 on the JeecgBoot repository. If immediate patching is not feasible, implement network-level access controls to restrict access to the loadDict endpoint to trusted application servers only, and enforce strong authentication policies to minimize the risk of credential compromise. Additionally, enable SQL query logging and intrusion detection for the dictionary loading function to detect injection attempts. Review application logs for suspicious keyword parameter values containing SQL metacharacters (such as single quotes, semicolons, or UNION operators). Note that network restriction has operational trade-offs if the endpoint is used by multiple internal services - coordinate with application owners before implementation. See https://github.com/jeecgboot/JeecgBoot/pull/9493 for detailed patch guidance.
Oracle Java SE 7 Update 6 and earlier contains multiple sandbox bypass vulnerabilities via the ClassFinder and forName m
Remote code execution in IBM Sterling B2B Integrator, Sterling Integrator, and Tivoli Common Reporting allows unauthenti
Java Runtime Environment sandbox bypass via incorrect image channel verification in 2D component allows remote unauthent
Oracle Java SE JDK/JRE 7 and 6 Update 27 and earlier allows remote code execution with complete system compromise throug
JBoss Seam 2 in Red Hat JBoss EAP 4.3.0 fails to sanitize JBoss Expression Language inputs, allowing remote attackers to
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 up
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Up
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
Remote unauthenticated attackers can execute arbitrary code on Adobe ColdFusion servers through Java deserialization fla
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26072