CNNVD-202602-1130 Information

CNNVD ID

CNNVD-202602-1130

Related CVE

CVE-2026-2078

• CNNVD Published: 2026-02-07

Description (Chinese)

warehouse是yeqifu个人开发者的一个基于spring boot的中小型仓库物流管理系统。 warehouse存在授权问题漏洞，该漏洞源于权限管理功能中未对用户操作进行充分的授权验证，导致攻击者可远程越权执行权限变更操作。

Description (English)

Warehouse is a small and medium-sized warehouse logistics management system based on spring Boot, which is ayeqifu personal developer. There is a gap in the delegation of authority in the warehouse, which arises from the lack of adequate authorization of user operations in the competency management function, which results in the aggressor overstepping the authority to change operations remotely.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

个人开发者

Published

2026-02-07

Last Modified

2026-02-24

References

https://github.com/yeqifu/warehouse/ https://github.com/yeqifu/warehouse/issues/55 https://github.com/yeqifu/warehouse/issues/55#issue-3846656775 https://vuldb.com/?ctiid.344644 https://vuldb.com/?id.344644 https://vuldb.com/?submit.745513 https://access.redhat.com/security/cve/cve-2026-2078