CVE-2026-0571 | yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4 AppFileUtils.java createResponseEntity path path traversal

A vulnerability labeled as critical has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function createResponseEntity of the file warehousesrcmainjavacomyeqifusyscommonAppFileUtils.java. The manipulation of the argument path results in path traversal.

This vulnerability is cataloged as CVE-2026-0571. The attack may be launched remotely. Furthermore, there is an exploit available.

This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.

CVE-2026-0571 | yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4 AppFileUtils.java createResponseEntity path path traversal

Post correlati

CVE-2023-37541 | HCL Connections 7.0/8.0 access control (KB0114156)

CVE-2024-6900 | SourceCodester Record Management System 1.0 edit_emp.php id sql injection

CVE-2025-53540 | Espressif arduino-esp32 up to 3.2.0 Update Endpoint cross-site request forgery (GHSA-9vfw-wx65-c872 / EUVD-2025-20306)

CVE-2024-5452 | lightning-ai pytorch-lightning dynamically-determined object attributes