What is GHSA-v77q-xxpr-rx9g?

GHSA-v77q-xxpr-rx9g is a security advisory published by GitHub Security Advisories with Medium severity. A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function...

Which CVE IDs does GHSA-v77q-xxpr-rx9g cover?

GHSA-v77q-xxpr-rx9g covers the following CVE IDs: CVE-2026-9580. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-v77q-xxpr-rx9g?

GHSA-v77q-xxpr-rx9g has a CVSS v3 base score of 7.3, published by GitHub Security Advisories.

GHSA-v77q-xxpr-rx9gMediumCVSS 7.3

A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2026-9580 →

📋 Description

A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.9.2 is sufficient to fix this issue. It is suggested to upgrade the affected component.

🔗 References (9)

https://nvd.nist.gov/vuln/detail/CVE-2026-9580
https://github.com/jeecgboot/JeecgBoot/issues/9597
https://github.com/jeecgboot/JeecgBoot/issues/9597#issuecomment-4385501959
https://github.com/jeecgboot/JeecgBoot
https://github.com/jeecgboot/JeecgBoot/releases/tag/v3.9.2
https://vuldb.com/submit/817892
https://vuldb.com/vuln/365636
https://vuldb.com/vuln/365636/cti
https://github.com/advisories/GHSA-v77q-xxpr-rx9g