{"vulnerability": "CVE-2026-7605", "sightings": [{"uuid": "97fc9a39-3fed-4689-ae1e-fb9dc8795cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7605", "type": "seen", "source": "https://gist.github.com/this1slwl/d975073bb5feaafd09d9383e8351fb55", "content": "[CVE ID]\nCVE-2026-52204\n[Product]\nJeecgBoot - 3.9.2\n[Version]\nJeecgBoot - 3.9.2\n[Problem Type]\nSSRF\n[Description]\nAn issue in JeecgBoot 3.9.2 allows an attacker to execute arbitrary code via the /sys/common/uploadImgByHttp` endpoint. Although the vendor claims to have fixed SSRF issues (CVE-2026-2945, CVE-2026-7605), the fix is incomplete and can be bypassed.", "creation_timestamp": "2026-07-16T08:34:06.012686Z"}]}