VYPR
Medium severity6.3NVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026

CVE-2026-10240

CVE-2026-10240

Description

A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. A fix is planned for the upcoming release.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

1