A vulnerability was found in JeecgBoot 3.9.1 . It has been declared as critical . This issue affects some unknown processing of the file /openapi/call/ of the component OpenAPI Endpoint . Such manipulation leads to improper authentication. This vulnerability is documented as CVE-2026-9373 . The attack can be executed remotely. There is not any exploit available. The vendor was contacted early about this disclosure but did not respond in any way.