Medium severity6.3NVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026
CVE-2026-10240
CVE-2026-10240
Description
A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. A fix is planned for the upcoming release.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
5News mentions
1- Jeecgboot: Three SSRF Vulnerabilities Disclosed TogetherVypr Intelligence · Jun 1, 2026