Medium severity6.3NVD Advisory· Published May 2, 2026· Updated May 5, 2026

CVE-2026-7602

Description

A vulnerability was found in JeecgBoot up to 3.9.1. Affected by this vulnerability is an unknown functionality of the file /sys/fillRule/edit of the component FillRuleUtil Component. The manipulation of the argument ruleClass results in improper authorization. The attack may be performed from remote. The exploit has been made public and could be used. You should upgrade the affected component. The vendor confirmed the issue and will provide a fix in the upcoming release.

Affected products

Jeecgboot/Jeecgbootreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/jeecgboot/JeecgBoot/issues/9552nvd
github.com/jeecgboot/JeecgBoot/issues/9552nvd
vuldb.com/submit/805706nvd
vuldb.com/vuln/360559nvd
vuldb.com/vuln/360559/ctinvd

News mentions

No linked articles in our index yet.

cvss	0.410
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000