CVE-2026-2849 yeqifu warehouse Cache Sync CacheController.java syncCache access control

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\CacheController.java of the component Cache Sy...

CVE-2026-2849

The CVE affects yeqifu warehouse (up to commit aaf29962ba407d22d991781de28796ee7b4670e4). The vulnerable component is the Cache Sync Handler, specifically the CacheController.java functions deleteCache, removeAllCache, and syncCache. The root cause is improper access controls in these methods, en...

PT-2026-21247

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file datasetreposwarehousesrcmainjavacomyeqifusyscontrollerCacheController.java of the component Cache Sync Handler...

warehouse 访问控制错误漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There is an access control vulnerability in Warehouse. This vulnerability stems from improper access control issues in the functions deleteCache, removeAllCache, and...