CVE-2026-2555
Received Received - Intake
Remote Deserialization Vulnerability in JeecgBoot Retrieval-Augmented Generation

Publication date: 2026-02-16

Last updated on: 2026-02-18

Assigner: VulDB

Description
A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization. The attack can be launched remotely. Attacks of this nature are highly complex. It is stated that the exploitability is difficult. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-16
Last Modified
2026-02-18
Generated
2026-06-16
AI Q&A
2026-02-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-2555
EUVD
EUVD-2026-6091
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
jeecg jeecg_boot 3.9.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-2555 is a critical vulnerability in JeecgBoot version 3.9.1 affecting the function importDocumentFromZip in the AiragKnowledgeController.java file within the Retrieval-Augmented Generation component.

The vulnerability arises from improper handling of untrusted input data during deserialization, specifically when a specially crafted ZIP archive is uploaded. This leads to remote code execution by exploiting the MinerU parsing feature that processes the uploaded documents.

When MinerU parsing is enabled, the system extracts and processes files from the ZIP archive, including executing commands based on file names without sufficient validation. An attacker can upload a malicious ZIP file with specially named files to trigger arbitrary command execution on the server.

Exploitation requires uploading a crafted ZIP file through the AI knowledge base document upload interface, which then triggers asynchronous document rebuilding and parsing that leads to command execution.

Although the attack can be launched remotely, it is considered highly complex and difficult to exploit. No public exploit is currently available, and the project has not yet provided official mitigations.

Impact Analysis

This vulnerability can lead to remote code execution on the affected server running JeecgBoot 3.9.1, allowing an attacker to execute arbitrary system commands.

Successful exploitation can compromise the confidentiality, integrity, and availability of the system by allowing unauthorized access, data manipulation, or disruption of services.

Because the vulnerability involves deserialization of untrusted data and command execution, attackers could potentially gain control over the server environment, leading to further attacks or data breaches.

The exploitability is difficult, and no public exploit is known, but the risk remains significant due to the critical nature of remote code execution.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by monitoring for uploads of specially crafted ZIP files to the AI knowledge base document upload endpoint, specifically targeting the importDocumentFromZip function in JeecgBoot 3.9.1. Suspicious filenames in uploaded ZIP archives, such as those containing command injection patterns (e.g., filenames like '&calc.exe&1.pdf'), are indicators of exploitation attempts."}, {'type': 'paragraph', 'content': 'Detection can involve checking server logs for requests to the endpoint /doc/import/zip and analyzing uploaded ZIP file contents for suspicious filenames or unexpected file extraction activities.'}, {'type': 'paragraph', 'content': 'Since the vulnerability involves command execution triggered by file names during document parsing, monitoring for unusual command execution or process spawning related to the document upload process can also help detect exploitation.'}, {'type': 'paragraph', 'content': 'Suggested commands to detect suspicious files or activities include:'}, {'type': 'list_item', 'content': "Use grep or similar tools to search server logs for uploads to the vulnerable endpoint: `grep '/doc/import/zip' /var/log/jeecgboot/access.log`"}, {'type': 'list_item', 'content': 'List recently uploaded ZIP files and inspect their contents for suspicious filenames: `unzip -l suspicious_upload.zip`'}, {'type': 'list_item', 'content': 'Monitor running processes or command executions triggered by the application user, for example: `ps aux | grep java` or checking command execution logs if available.'}, {'type': 'list_item', 'content': 'Set up file integrity monitoring on the document upload directories to detect unexpected file creations or modifications.'}] [4]

Mitigation Strategies

Immediate mitigation steps include disabling the MinerU parsing feature by setting `jeecg.airag.know.enable-miner-u: false` in the `application.yml` configuration file, as this feature enables the vulnerable code path.

Avoid uploading untrusted or suspicious ZIP files to the AI knowledge base document upload interface until a patch or official fix is released.

Monitor and restrict access to the document upload endpoint `/doc/import/zip` to trusted users only, applying strict authentication and authorization controls.

Consider replacing or upgrading the affected JeecgBoot component if an official patch or update becomes available, as the project has not yet responded with a fix.

Implement network-level protections such as Web Application Firewalls (WAFs) to detect and block malicious payloads targeting this vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2555. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart