CVE-2026-2076

Name of the Vulnerable Software and Affected Versions yeqifu warehouse versions prior to aaf29962ba407d22d991781de28796ee7b4670e4

Description A weakness exists due to improper authorization within the User Management Endpoint component. The issue is related to the addUser, updateUser, and deleteUser functions located in the file datasetreposwarehousesrcmainjavacomyeqifusyscontrollerUserController.java. The attack can be initiated remotely, and the exploit has been publicly released. Continuous delivery with rolling releases is utilized, meaning specific version details for affected or updated releases are unavailable.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.