CVE-2026-0574 | yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4 Request UserController.java saveUserRole improper authorization

A vulnerability classified as critical has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function saveUserRole of the file warehousesrcmainjavacomyeqifusyscontrollerUserController.java of the component Request Handler. This manipulation causes improper authorization.

This vulnerability is tracked as CVE-2026-0574. The attack is possible to be carried out remotely. Moreover, an exploit is present.

This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified.

CVE-2026-0574 | yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4 Request UserController.java saveUserRole improper authorization

Post correlati

CVE-2024-29040 | tpm2-tss Quote Data Fapi_VerifyQuote Privilege Escalation

CVE-2024-6482 | Login with Phone Number Plugin up to 1.7.49 on WordPress authorization

CVE-2024-20443 | Cisco ASA/Identity Services Engine Web-based Management Interface cross site scripting (cisco-sa-ise-xss-V2bm9JCY)

CVE-2024-47133 | I-O DATA DEVICE UD-LT1/UD-LT1 EX up to 2.1.8 os command injection