CVE-2025-10771

cna@vuldb.com

Details

CVSS v3: 6.3
CVSS v4: 2.1
CVSS v2: 6.5
NVD published: 2025-09-21 23:15:35
Affected versions: cpe:2.3:a:jeecg:jimureport:*:*:*:*:*:*:*:*
Summary: A vulnerability was determined in jeecgboot JimuReport up to 2.1.2. Affected is an unknown function of the file /drag/onlDragDataSource/testConnection of the component DB2 JDBC Handler. Executing manipulation of the argument clientRerouteServerListJNDIName can lead to deserialization. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
Remediation: Not available in our cache.
Exploit info: https://github.com/jeecgboot/jimureport/issues/4117 https://github.com/jeecgboot/jimureport/issues/4117#issue-3391268438

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.