CVE-2026-2078

Name of the Vulnerable Software and Affected Versions yeqifu warehouse (affected versions not specified)

Description A security issue exists in yeqifu warehouse related to improper authorization. The issue is located within the Permission Management component, specifically in the addPermission(), updatePermission(), and deletePermission() functions of the file datasetreposwarehousesrcmainjavacomyeqifusyscontrollerPermissionController.java. The attack can be initiated remotely and the exploit is publicly available. The product utilizes a rolling release model, meaning specific version information for affected or updated releases is not available. The project was notified of the issue but has not yet responded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.