{"id":"CVE-2026-3186","details":"A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is the password-reset functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. The endpoint performed no authorization check on the caller, so a low-privileged authenticated user (CVSS PR:L) could supply an arbitrary userId and have that account's password reset to the application default (missing authorization leading to use of a default password). The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 1.3.3-beta addresses this issue. Patch name: aefaabfd7527188bfba3c8c9eee17c316d094802. It is suggested to upgrade the affected component. The project was informed beforehand and acted very professionally: \"We have added authorization validation to the password reset interface; now only users with the corresponding permissions are allowed to perform password resets.\"","modified":"2026-04-12T20:14:11.640755Z","published":"2026-02-25T14:16:21.767Z","references":[{"type":"WEB","url":"https://github.com/feiyuchuixue/sz-boot-parent/"},{"type":"ADVISORY","url":"https://github.com/feiyuchuixue/sz-boot-parent/releases/tag/v1.3.3-beta"},{"type":"ADVISORY","url":"https://vuldb.com/?id.347744"},{"type":"ADVISORY","url":"https://vuldb.com/?submit.754037"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.347744"},{"type":"FIX","url":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"type":"EVIDENCE","url":"https://github.com/yuccun/CVE/blob/main/sz-boot-parent-VPE_Unauthorized_Password_Reset.md"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/feiyuchuixue/sz-boot-parent","events":[{"introduced":"0"},{"last_affected":"9ee01d24252d86a1844dbbf9fb448879e1d4a971"},{"introduced":"0"},{"last_affected":"0de7f8a850826bff23d74dc3e7fd52d6cec945f8"},{"introduced":"0"},{"last_affected":"f05130dc264a825b0383a452d9f1343f243690ca"},{"introduced":"0"},{"last_affected":"67f92e92b2c68039c10227c551f256bb0e002bcc"},{"introduced":"0"},{"last_affected":"8da9d277385448e66046dcaab93115fdb91b7e
a4"},{"introduced":"0"},{"last_affected":"2e231f815765d091a0a3f2e7c361644be25b3b56"},{"introduced":"0"},{"last_affected":"96dde28085f5cafaf30cfe5e9fec9cf6940ec39a"},{"introduced":"0"},{"last_affected":"0cebf91196559902f2ef3a45128d85cc5fb8967e"},{"introduced":"0"},{"last_affected":"53522fe0ab77437ba9350d4b083aeaf666f1045a"},{"introduced":"0"},{"last_affected":"e2865a98d6f6748ed11547843be3ed5497310516"},{"introduced":"0"},{"last_affected":"ad60f20cc25560fcb84ff2ea92e32bb19d523d65"},{"introduced":"0"},{"last_affected":"2eb6092bdd320eda26c4b5f2b0c110e9a46a739b"},{"introduced":"0"},{"last_affected":"3da10c8193a47248a6880a86f31d2e350bd11580"},{"introduced":"0"},{"last_affected":"5cac7ffeb75a2689a2c9da8b3bd29d04d76c69a9"},{"introduced":"0"},{"last_affected":"18412469a778f31a6f9fe4b10317d8e11fa091c5"},{"fixed":"aefaabfd7527188bfba3c8c9eee17c316d094802"},{"fixed":"aa006068f35ea29944af1a4f7112c9cced57a10c"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.9.0"},{"introduced":"0"},{"last_affected":"1.0.0-beta"},{"introduced":"0"},{"last_affected":"1.0.1-beta"},{"introduced":"0"},{"last_affected":"1.0.2-beta"},{"introduced":"0"},{"last_affected":"1.1.0-beta"},{"introduced":"0"},{"last_affected":"1.2.0-beta"},{"introduced":"0"},{"last_affected":"1.2.1-beta"},{"introduced":"0"},{"last_affected":"1.2.2-beta"},{"introduced":"0"},{"last_affected":"1.2.3-beta"},{"introduced":"0"},{"last_affected":"1.2.4-beta"},{"introduced":"0"},{"last_affected":"1.2.5-beta"},{"introduced":"0"},{"last_affected":"1.2.6-beta"},{"introduced":"0"},{"last_affected":"1.3.0-beta"},{"introduced":"0"},{"last_affected":"1.3.1-beta"},{"introduced":"0"},{"last_affected":"1.3.2-beta"}]}}],"versions":["v0.6.0","v0.6.1","v0.6.2","v0.6.3","v0.6.4","v0.7.10","v0.7.11","v0.7.2","v0.7.3","v0.7.4","v0.7.5","v0.7.6","v0.7.7","v0.7.8","v0.7.9","v0.8.0","v0.8.1","v0.8.2","v0.8.3","v0.8.4","v0.8.5","v0.8.6","v0.8.7","v0.8.8","v0.9.0","v1.0.0-beta","v1.0.1-beta","v1.0.2-beta","v1.1.0-beta","v1.2.0-bet
a","v1.2.1-beta","v1.2.2-beta","v1.2.3-beta","v1.2.4-beta","v1.2.5-beta","v1.2.6-beta","v1.3.0-beta","v1.3.1-beta","v1.3.2-beta"],"database_specific":{"vanir_signatures_modified":"2026-04-12T20:14:11Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3186.json","vanir_signatures":[{"deprecated":false,"id":"CVE-2026-3186-03a875f0","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"threshold":0.9,"line_hashes":["323699978759532718635517452930014157374","278512815284875105518285646130543054351","36593422020877463883026974281695531237","272061730393614553358149570337127224283","53103655436858705070311452962028882628","44075739219662578324712019844678751771","327294547989315988770463799345714587219","239202637047055361717084429664878585266","286830467102291430063201447598526686506","278046516090588714991238521370842759171","458335260742716500581542517133734864","216810359571802661167438494342302831140","323131193342097975444505137381207414144","94591104986195072435463028310334849886","301282123361441700893620100181908019869"]},"target":{"file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/CommonServiceImpl.java"},"signature_version":"v1","signature_type":"Line"},{"deprecated":false,"id":"CVE-2026-3186-1a1f17cb","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"length":1084,"function_hash":"91968328190997309201035462725446067993"},"target":{"function":"upload","file":"sz-common/sz-common-oss/src/main/java/com/sz/oss/OssClient.java"},"signature_version":"v1","signature_type":"Function"},{"deprecated":false,"id":"CVE-2026-3186-6dbb5e1a","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"length":1350,"function_hash":"148515232992734810439385593609049960115"},"target":{"function":"tempDownload","file":"sz-service/sz-serv
ice-admin/src/main/java/com/sz/admin/system/service/impl/CommonServiceImpl.java"},"signature_version":"v1","signature_type":"Function"},{"deprecated":false,"id":"CVE-2026-3186-7b4f6945","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"length":468,"function_hash":"308803253615992416229235436819114806219"},"target":{"function":"uploadFile","file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/SysFileServiceImpl.java"},"signature_version":"v1","signature_type":"Function"},{"deprecated":false,"id":"CVE-2026-3186-863be5ed","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"threshold":0.9,"line_hashes":["277942120457754224802171963001660316056","88837087369728294789047350726325442175","235235260745382181237867899821030565974","15742790080606154877780864469318451144","231192593096753076971379037027650252815","283608100241087537028963326420930173127","305846107919889889682150550143677653953","313352502671975385882582273382790166756"]},"target":{"file":"sz-common/sz-common-core/src/main/java/com/sz/core/common/enums/CommonResponseEnum.java"},"signature_version":"v1","signature_type":"Line"},{"deprecated":false,"id":"CVE-2026-3186-99ab2139","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"length":611,"function_hash":"225278081170458871218076099460204604216"},"target":{"function":"urlDownload","file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/CommonServiceImpl.java"},"signature_version":"v1","signature_type":"Function"},{"deprecated":false,"id":"CVE-2026-3186-b0bec15b","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"threshold":0.9,"line_hashes":["103138851156029986833163544553542688400","109618906410909670291605387106640317792","607782426569584741651
63829742022739704","196975535504903561188456788947563278753","240200906823074802306116717207224145263","337650335776309080559168071809135516213","140067407883095246107825187588006492025","42294433730485082846360042258796992520","239791871285488964924840426468120753147","180561142787809721723887880360824244471","291039854275591684202010979994120181055","30839313325673629537549220149649326349","77685321241126713991814648024566266221"]},"target":{"file":"sz-common/sz-common-oss/src/main/java/com/sz/oss/OssClient.java"},"signature_version":"v1","signature_type":"Line"},{"deprecated":false,"id":"CVE-2026-3186-d3a4ab97","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"threshold":0.9,"line_hashes":["219440635577386967702728018467494114535","274713120834129023108041582438663570771","332555259173332961810998646747950140923","116274267578782298374217174753197197545","83214300295503441277927501406928722994","245551531657935898725553262143855049599","303812482602061557159547400622892344696","243015244187948900821873619343399406478","36155483903363266227726369675222470404","302677085514228203606156016271870625560","79729122850387585055962612807087702634","280436730576346234974564080073639337604","296284648725456880477082201465509265358","338572306453143723672042702560475775543","15337108793607785757019877705392563981","78418422176974080163608964182484926822","290008086871022100423469916381280328026","227412099732104436736556730522483151363","32384376755146565297952128543851637210","247367233454898545863512972355923508535","288935083785579605236106196027180320286","159159567493344269134286897692888767198"]},"target":{"file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/SysFileServiceImpl.java"},"signature_version":"v1","signature_type":"Line"},{"deprecated":false,"id":"CVE-2026-3186-f2e197dc","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee1
7c316d094802","digest":{"threshold":0.9,"line_hashes":["247997219865391784818402276383106638516","82476260474160191190619696386489110591"]},"target":{"file":"sz-common/sz-common-core/src/main/java/com/sz/core/util/Utils.java"},"signature_version":"v1","signature_type":"Line"},{"deprecated":false,"id":"CVE-2026-3186-f8c5b70a","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802","digest":{"threshold":0.9,"line_hashes":["37567395144001211202463691524831225894","165548830934288695250151783318675438571","151277052329436100383129648884142921812","258731638997879764379183999121629997132"]},"target":{"file":"sz-common/sz-common-oss/src/main/java/com/sz/oss/OssProperties.java"},"signature_version":"v1","signature_type":"Line"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}]}
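The record above describes the flaw class only in prose: a password-reset handler that trusts a caller-supplied userId and never asks whether the caller is allowed to reset that account, so a low-privileged user can push any account, including an administrator's, back to the default password. The following is an added illustration of that class and of the fix the maintainers describe (an authorization check on the reset interface). It is hypothetical code written for this page, not code from the sz-boot-parent project; the permission name PERM_RESET_PASSWORD, the DEFAULT_PASSWORD value, the user store and the user records are all constructed assumptions, and the real endpoint's parameters and permission model are not reproduced here.

```python
"""Model of a password-reset handler with and without an authorization check.

Hypothetical example for CVE-2026-3186's vulnerability class (missing
authorization on a reset-to-default endpoint). Not sz-boot-parent code; the
permission string, default password and user records are assumptions.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

PERM_RESET_PASSWORD = "sys:user:reset-password"  # assumed permission name
DEFAULT_PASSWORD = "123456"                        # assumed default; not taken from the advisory
PBKDF2_ROUNDS = 100_000


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


@dataclass
class User:
    user_id: int
    name: str
    permissions: Set[str] = field(default_factory=set)
    salt: bytes = b""
    pw_hash: bytes = b""

    def set_password(self, password: str) -> None:
        self.salt, self.pw_hash = hash_password(password)

    def check_password(self, password: str) -> bool:
        _, digest = hash_password(password, self.salt)
        return hmac.compare_digest(digest, self.pw_hash)


class Forbidden(Exception):
    """Raised when the caller lacks the permission the action requires."""


def build_store() -> Dict[int, User]:
    """Constructed sample data: one administrator and one ordinary user."""
    admin = User(1, "admin", {PERM_RESET_PASSWORD, "sys:user:list"})
    admin.set_password("correct horse battery staple")
    viewer = User(2, "viewer", {"sys:user:list"})
    viewer.set_password("viewer-secret")
    return {admin.user_id: admin, viewer.user_id: viewer}


def reset_password_vulnerable(store: Dict[int, User], caller_id: int, target_user_id: int) -> bool:
    """Vulnerable shape: authentication only. Any logged-in caller can reset any userId."""
    if caller_id not in store:            # the caller is authenticated ...
        raise PermissionError("not authenticated")
    store[target_user_id].set_password(DEFAULT_PASSWORD)  # ... but never authorized
    return True


def reset_password_fixed(store: Dict[int, User], caller_id: int, target_user_id: int) -> bool:
    """Fixed shape: the caller must hold the reset permission before the target is touched."""
    caller = store.get(caller_id)
    if caller is None:
        raise PermissionError("not authenticated")
    if PERM_RESET_PASSWORD not in caller.permissions:
        raise Forbidden(f"user {caller_id} may not reset passwords")
    target = store.get(target_user_id)
    if target is None:
        raise KeyError(f"unknown user {target_user_id}")
    target.set_password(DEFAULT_PASSWORD)
    return True


def attempt(handler, store: Dict[int, User], caller_id: int, target_user_id: int) -> str:
    """Run a handler and summarize the outcome as a short status string."""
    try:
        handler(store, caller_id, target_user_id)
        return "reset"
    except Forbidden:
        return "forbidden"
    except (PermissionError, KeyError):
        return "rejected"


def demo() -> Dict[str, str]:
    """Low-privileged user 2 targets admin 1 under both handlers."""
    vulnerable = build_store()
    fixed = build_store()
    return {
        "vulnerable": attempt(reset_password_vulnerable, vulnerable, 2, 1),
        "fixed": attempt(reset_password_fixed, fixed, 2, 1),
        "admin_default_after_vulnerable": str(vulnerable[1].check_password(DEFAULT_PASSWORD)),
        "admin_default_after_fixed": str(fixed[1].check_password(DEFAULT_PASSWORD)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The ordering in `reset_password_fixed` is the point: the permission check runs before the target record is even looked up, so an unprivileged caller learns nothing about which userIds exist and cannot change any account. Checking "is this caller logged in" alone, as the vulnerable variant does, is what lets a PR:L attacker reset an administrator to a known default.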