A vulnerability marked as critical has been reported in JeecgBoot up to 3.9.1 . The affected element is the function LoginController.selectDepart of the file /sys/selectDepart . This manipulation causes improper access controls. This vulnerability is registered as CVE-2026-9580 . Remote exploitation of the attack is possible. Furthermore, an exploit is available. It is suggested to upgrade the affected component.