{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3672", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-06T20:58:48.694Z", "datePublished": "2026-03-07T21:32:13.177Z", "dateUpdated": "2026-03-11T16:28:32.553Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-07T21:32:13.177Z"}, "title": "JeecgBoot getDictItems isExistSqlInjectKeyword sql injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-89", "lang": "en", "description": "SQL Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "n/a", "product": "JeecgBoot", "versions": [{"version": "3.9.0", "status": "affected"}, {"version": "3.9.1", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-06T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-06T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-06T22:03:52.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Saul1213 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.349569", "name": "VDB-349569 | JeecgBoot getDictItems isExistSqlInjectKeyword sql injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.349569", "name": "VDB-349569 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.765093", "name": "Submit #765093 | Jeecgboot 3.9.1 SQL Injection", "tags": ["third-party-advisory"]}, {"url": "https://www.yuque.com/la12138/pa2fpb/ab1i8wyeeg1zzgq5?singleDoc", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T16:23:00.502459Z", "id": "CVE-2026-3672", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T16:28:32.553Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3672", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-11T16:23:00.502459Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T16:23:01.642Z"}}], "cna": {"title": "JeecgBoot getDictItems isExistSqlInjectKeyword sql injection", "credits": [{"lang": "en", "type": "reporter", "value": "Saul1213 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "n/a", "product": "JeecgBoot", "versions": [{"status": "affected", "version": "3.9.0"}, {"status": "affected", "version": "3.9.1"}]}], "timeline": [{"lang": "en", "time": "2026-03-06T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-06T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-06T22:03:52.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.349569", "name": "VDB-349569 | JeecgBoot getDictItems isExistSqlInjectKeyword sql injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.349569", "name": "VDB-349569 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.765093", "name": "Submit #765093 | Jeecgboot 3.9.1 SQL Injection", "tags": ["third-party-advisory"]}, {"url": "https://www.yuque.com/la12138/pa2fpb/ab1i8wyeeg1zzgq5?singleDoc", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "SQL Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-07T21:32:13.177Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3672", "state": "PUBLISHED", "dateUpdated": "2026-03-11T16:28:32.553Z", "dateReserved": "2026-03-06T20:58:48.694Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-07T21:32:13.177Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used."}, {"lang": "es", "value": "Una vulnerabilidad ha sido encontrada en JeecgBoot hasta 3.9.1. Afectada es la funci\u00f3n isExistSqlInjectKeyword del archivo /jeecg-boot/sys/API/getDictItems. Dicha manipulaci\u00f3n conduce a inyecci\u00f3n SQL. El ataque puede ser realizado desde remoto. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado."}], "id": "CVE-2026-3672", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-07T22:15:50.147", "references": [{"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.349569"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.349569"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.765093"}, {"source": "cna@vuldb.com", "url": "https://www.yuque.com/la12138/pa2fpb/ab1i8wyeeg1zzgq5?singleDoc"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.9.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.9.1"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 88.0, "source": "matching"}]}, "original": {"product": "JeecgBoot", "source": "cna", "vendor": "n/a"}, "product": "jeecgboot", "vendor": "jeecg"}], "analysis": {"en": {"generated_at": "2026-04-16T04:31:28.262866+00:00", "value": {"mitigation_remediation": ["Upgrade JeecgBoot to version 3.9.2 or later, ensuring the vulnerable isExistSqlInjectKeyword function is removed or fixed", "Validate and sanitize all inputs to the getDictItems API, stripping or encoding any SQL keywords before use", "Implement strict authentication and authorization controls on the getDictItems endpoint, limiting access to trusted users and applying least privilege", "If upgrade is not feasible, apply an application-level firewall or filter that blocks common SQL injection patterns at the API boundary"], "summary": {"action": "Apply Update", "impact": "SQL Injection"}, "threat_synthesis": {"affected_systems": "The issue affects the JeecgBoot platform up to and including version 3.9.1. No later versions are mentioned in the data. The affected component is the getDictItems API in JeecgBoot.", "description_and_impact": "The vulnerability resides in the isExistSqlInjectKeyword function of the /jeecg-boot/sys/api/getDictItems endpoint. It allows attackers to inject arbitrary SQL statements, potentially leading to unauthorized data access, modification, or deletion. The flaw is a classic SQL injection that can be exploited over the network, affecting confidentiality, integrity, and availability of the underlying database.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity. The EPSS figure of less than 1% suggests a very low probability of exploitation at this time. It is not listed in CISA's KEV catalog. Attackers could exploit the vulnerability remotely by sending crafted requests to the getDictItems endpoint, but no exploitation prerequisites beyond network access are described. The risk is moderate but the low exploitation likelihood reduces immediate urgency."}}}}, "created": "2026-03-09T10:03:55.461305+00:00", "updated": "2026-04-16T04:45:16.115124+00:00", "vendors": ["jeecg", "jeecg$PRODUCT$jeecgboot"]}