Vulnerabilities

CVE-2026-0571 - yeqifu warehouse AppFileUtils.java createResponseEntity path traversal

2026-01-02 0 views admin

CVE ID : CVE-2026-0571 Published : Jan. 2, 2026, 8:16 p.m. | 1 hour, 51 minutes ago Description : A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function createResponseEntity of the file warehouse\src\main\java\com\yeqifu\sys\common\AppFileUtils.java. The manipulation of the argument path results in path traversal. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-0571

Severity

MEDIUM

Published

Jan. 2, 2026

Affected Product: java

Impact: path traversal

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-0571mediumjava

CVE-2026-0571 - yeqifu warehouse AppFileUtils.java createResponseEntity path traversal

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-21447 - Bagisto has IDOR in Customer Order Reorder Functionality

CVE-2026-21448 - Bagisto has Normal & Blind SSTI from low-privilege user when ordering product

CVE-2026-21451 - Bagisto has HTML Filter Bypass that Enables Stored XSS

CVE-2026-21450 - Bagisto has SSTI in parameter that can lead to RCE

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting