cbcvebase.

Yeqifu Warehouse vulnerabilities

14 known vulnerabilities affecting yeqifu/warehouse.

Total CVEs
14
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH9MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2026-2106P2HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2106 [HIGH] CWE-266 CVE-2026-2106: A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. T A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The impacted element is the function addNotice/updateNotice/deleteNotice/batchDeleteNotice of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\NoticeController.java of the component Notice Management. The manipulation leads to impro
nvd
CVE-2026-0574P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-01-04
CVE-2026-0574 [HIGH] CWE-266 CVE-2026-0574: A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. T A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function saveUserRole of the file warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component Request Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. T
nvd
CVE-2026-2078P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2078 [HIGH] CWE-266 CVE-2026-2078: A vulnerability was detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Thi A vulnerability was detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addPermission/updatePermission/deletePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\PermissionController.java of the component Permission Management. Performing a manipulation results in impro
nvd
CVE-2026-2076P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2076 [HIGH] CWE-266 CVE-2026-2076: A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. A A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component User Management Endpoint. This manipulation causes improper author
nvd
CVE-2026-2075P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2075 [HIGH] CWE-266 CVE-2026-2075: A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670 A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The manipulation results in improper access controls. It is p
nvd
CVE-2026-2079P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2079 [HIGH] CWE-266 CVE-2026-2079: A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulne A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addMenu/updateMenu/deleteMenu of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\MenuController.java of the component Menu Management. Executing a manipulation can lead to improper authorization. The
nvd
CVE-2026-2107P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2107 [HIGH] CWE-266 CVE-2026-2107: A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This a A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info Handler. The manipulation results in improper authorization. T
nvd
CVE-2026-2105P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2105 [HIGH] CWE-266 CVE-2026-2105: A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affect A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management. Executing a manipulation can lead to improper authorization. I
nvd
CVE-2026-2077P3HIGHCVSS 8.8≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-07
CVE-2026-2077 [HIGH] CWE-266 CVE-2026-2077: A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796e A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role Management Handler. Such manipulation leads to improper a
nvd
CVE-2026-0571P3MEDIUMCVSS 6.5≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-01-02
CVE-2026-0571 [MEDIUM] CWE-22 CVE-2026-0571: A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670 A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function createResponseEntity of the file warehouse\src\main\java\com\yeqifu\sys\common\AppFileUtils.java. The manipulation of the argument path results in path traversal. The attack may be launched remotely. The exploit
nvd
CVE-2026-2849P3MEDIUMCVSS 6.3≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-20
CVE-2026-2849 [MEDIUM] CWE-266 CVE-2026-2849: A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. A A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\CacheController.java of the component Cache Sync Handler. Such manipulation leads to improper access c
nvd
CVE-2026-2852P3MEDIUMCVSS 6.3≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-20
CVE-2026-2852 [MEDIUM] CWE-266 CVE-2026-2852: A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. T A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The manipulation leads to improper access controls. The att
nvd
CVE-2026-2850P3MEDIUMCVSS 6.5≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-20
CVE-2026-2850 [MEDIUM] CWE-266 CVE-2026-2850: A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This a A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint. Performing a manipulation results in improper access co
nvd
CVE-2026-2851P4MEDIUMCVSS 5.3≤ 2025-10-06vaaf29962ba407d22d991781de28796ee7b4670e42026-02-20
CVE-2026-2851 [MEDIUM] CWE-266 CVE-2026-2851: A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. T A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\InportController.java of the component Inport Endpoint. Executing a manipulation can lead to improper
nvd
Yeqifu Warehouse vulnerabilities | cvebase