Improper Authorization in Yeqifu Warehouse Menu Management
CVE-2026-2079
Key Information:
Badges
What is CVE-2026-2079?
A vulnerability has been identified in the Yeqifu Warehouse application leading to improper authorization within the Menu Management functionality. Specifically, the flaw is located in the addMenu/updateMenu/deleteMenu methods of the MenuController.java file. This security issue allows remote attackers to manipulate menu settings, potentially leading to unauthorized access. The affected version operates on a rolling release basis, meaning updates are delivered continuously, yet specific versioning details remain unavailable. An initial report was submitted to the project maintainers regarding this flaw, but no public response has been noted, raising concerns about the reliability of the application for users.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
warehouse aaf29962ba407d22d991781de28796ee7b4670e4
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved