CVE-2026-40585

Name of the Vulnerable Software and Affected Versions blueprintUE versions prior to 4.2.0

Description When a password reset is initiated, a 128-character CSPRNG (Cryptographically Secure Pseudo-Random Number Generator) token is generated and stored with a timestamp. The token redemption function findUserIDFromEmailAndToken() only verifies the email and token pair, failing to check if the timestamp has exceeded a maximum validity window. Consequently, a reset token remains valid indefinitely until it is used or replaced by a new request.

Recommendations Update to version 4.2.0.