CVE-2024-43028 | JeecgBoot up to 3.5.3 HTTP /jmreport/show command injection

April 1, 2026 Yanac

A vulnerability categorized as critical has been discovered in JeecgBoot up to 3.5.3. The affected element is an unknown function of the file /jmreport/show of the component HTTP Handler. Executing a manipulation can lead to command injection.

This vulnerability is tracked as CVE-2024-43028. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2026-20095 | Cisco Enterprise NFV Infrastructure Software Web-based Management Interface command injection (cisco-sa-cimc-cmd-inj-3hKN3bVt)
CVE-2026-33949 | Tina CMS up to 2.2.1 GraphQL Mutation relativePath path traversal