High severity7.3NVD Advisory· Published May 26, 2026· Updated May 27, 2026
CVE-2026-9580
CVE-2026-9580
Description
A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.9.2 is sufficient to fix this issue. It is suggested to upgrade the affected component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
6News mentions
1- JeecgBoot: Four Access-Control Flaws Disclosed Together, Patched in 3.9.2Vypr Intelligence · May 26, 2026