CNNVD-202601-2405 Information

CNNVD ID

CNNVD-202601-2405

Related CVE

CVE-2026-22240

• CNNVD Published: 2026-01-14

Description (Chinese)

Bluspark BLUVOYIX是美国Bluspark公司的一个数字化供应链管理平台。 Bluspark BLUVOYIX存在安全漏洞，该漏洞源于密码存储实现不当及通过未经验证的API暴露，可能导致攻击者检索所有用户的明文密码，从而完全访问客户数据并彻底破坏目标平台。

Description (English)

Bluspank BLUVOYIX is a digital supply chain management platform for Bluespank in the United States. There is a security loophole in Bluspank BLUVOYIX, which stems from the improper implementation of password storage and exposure through unverified API, which may lead to the search of all user’s explicit passwords by the attackers, leading to complete access to client data and complete destruction of the target platform.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Bluspark

Published

2026-01-14

Last Modified

2026-02-24

References

https://blusparkglobal.com/bluvoyix/ https://access.redhat.com/security/cve/cve-2026-22240