CVE-2026-7602 | JeecgBoot up to 3.9.1 FillRuleUtil /sys/fillRule/edit ruleClass improper authorization (Issue 9552)

A vulnerability, which was classified as critical, was found in JeecgBoot up to 3.9.1. Affected by this vulnerability is an unknown functionality of the file /sys/fillRule/edit of the component FillRuleUtil Component. The manipulation of the argument ruleClass results in improper authorization.

This vulnerability was named CVE-2026-7602. The attack may be performed from remote. In addition, an exploit is available.

You should upgrade the affected component.

The vendor confirmed the issue and will provide a fix in the upcoming release.VulDB Recent EntriesRead More