CVE-2026-10240
MEDIUM NVDCVSS Score
6.3
Severity
MEDIUM
Source
NVD
Published
Jun 01, 2026
Description
A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. A fix is planned for the upcoming release.