A vulnerability was found in crmeb crmeb_java 1.4 . It has been declared as critical . Affected is the function RestTemplate.getForEntity of the file crmeb-common/src/main/java/com/zbkj/common/utils/RestTemplateUtil.java of the component base64 Qrcode Endpoint . The manipulation of the argument url results in server-side request forgery. This vulnerability is identified as CVE-2026-10771 . The attack can be executed remotely. Additionally, an exploit exists. The project was informed of the probl