CVE-2026-3405

Low CVSS: 2.3

A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Jeesite

Product

Jeesite

CWE

CWE-22

Yayın Tarihi

2026-03-02 02:16:20

Güncelleme

2026-03-03 19:46:56

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-22 Jeesite LOW Jeesite 2026

Referanslar

https://vuldb.com/?ctiid.348300 https://vuldb.com/?id.348300 https://vuldb.com/?submit.765097 https://www.yuque.com/la12138/pa2fpb/sg81mhkrat5h170c?singleDoc https://vuldb.com/?submit.765097

Benzer Kayıtlar

Low

CVE-2026-3404

A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/…

Medium

CVE-2025-9796

A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/…

Medium

CVE-2025-7865

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affe…

Medium

CVE-2025-7863

A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the…

Medium

CVE-2025-7864

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been classified as critical. This affects the functio…

Medium

CVE-2025-7785

A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the fun…