CVE-2026-2822 | JeecgBoot up to 3.9.1 Backend Interface airag_app,1,create_by keyword sql injection

A vulnerability described as critical has been identified in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file /jeecgboot/sys/dict/loadDict/airag_app,1,create_by of the component Backend Interface. Such manipulation of the argument keyword leads to sql injection.

This vulnerability is documented as CVE-2026-2822. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More