CNNVD-202602-1101 Information

Feb 07, 2026 cve

CNNVD ID

CNNVD-202602-1101

CVE-2026-2106

CNNVD Published: 2026-02-07

Description (Chinese)

warehouse是yeqifu个人开发者的一个基于spring boot的中小型仓库物流管理系统。 warehouse存在授权问题漏洞，该漏洞源于对组件Notice Management中文件dataset eposwarehousesrcmainjavacomyeqifusyscontrollerNoticeController.java函数addNotice/updateNotice/deleteNotice/batchDeleteNotice的错误操作，可能导致授权不当。

Description (English)

Warehouse is a small and medium-sized warehouse logistics management system based on spring Boot, which is ayeqifu personal developer. There is a loophole in the issue of delegation of authority in the warehouse, which stems from the misperformation of the document dataset eposwarehousr and aintjavacompuisyscontroller.java function addNotice/updateNotice/deleteNotice/batchDeleteNotice of component Notice.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

个人开发者

Published

2026-02-07

Last Modified

2026-02-24

References

https://github.com/yeqifu/warehouse/ https://github.com/yeqifu/warehouse/issues/58 https://github.com/yeqifu/warehouse/issues/58#issue-3846664260 https://vuldb.com/?ctiid.344682 https://vuldb.com/?id.344682 https://vuldb.com/?submit.745516 https://access.redhat.com/security/cve/cve-2026-2106

Share on: