CVE-2026-2555
Published: 16 February 2026
Summary
CVE-2026-2555 is a low-severity Improper Input Validation (CWE-20) vulnerability in Jeecg Jeecg Boot. Its CVSS base score is 2.3 (Low).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 18.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other Platforms; in the Other ATLAS/OWASP Terms risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SC-18 (Mobile Code).
Deeper analysis
CVE-2026-2555 is a deserialization vulnerability in JeecgBoot version 3.9.1, affecting the importDocumentFromZip function within the org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java file of the Retrieval-Augmented Generation (RAG) component. The issue stems from improper input validation (CWE-20) and deserialization of untrusted data (CWE-502), with a CVSS v3.1 base score of 5.0 (AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L). It was published on 2026-02-16.
The vulnerability can be exploited remotely by an authenticated attacker with low privileges (PR:L), though it requires high attack complexity (AC:H) and no user interaction (UI:N). Successful exploitation leads to limited impacts on confidentiality, integrity, and availability (C:L/I:L/A:L), potentially allowing arbitrary code execution or data manipulation via malicious ZIP files processed by the import function.
Advisories from VulDB indicate the project was notified early through GitHub issue #9335 in the JeecgBoot repository, but the maintainers have not yet responded or released patches. No specific mitigations are detailed in the available references.
This vulnerability is notable for its presence in a Retrieval-Augmented Generation component, which has relevance to AI/ML workflows, and its exploitability is described as difficult due to the high complexity required. No real-world exploitation has been reported.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-6091
Vulnerability details
A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization. The attack can be launched remotely. Attacks of this nature…
more
are highly complex. It is stated that the exploitability is difficult. The project was informed of the problem early through an issue report but has not responded yet.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Other Platforms
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: llm
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Deserialization of untrusted data (malicious ZIP) in a remotely accessible web controller directly enables exploitation of the application for RCE (T1190); successful exploitation results in arbitrary code execution that can be performed via command/scripting interpreters (T1059).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly enforces validation of all input data (including ZIP contents) before any deserialization occurs in importDocumentFromZip, blocking the CWE-20/CWE-502 root cause.
Requires cryptographic or integrity verification of imported ZIP files and deserialized objects, preventing execution of untrusted payloads in the RAG component.
Restricts or sandbox-executes mobile/untrusted code introduced via deserialization of ZIP-supplied objects, limiting arbitrary code execution impact.