{"id":"CVE-2026-3188","details":"A security flaw has been discovered in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This affects an unknown part of the file /api/admin/common/download/templates of the component API. Manipulating the argument templateName results in path traversal. The attack can be exploited remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.3.3-beta mitigates this issue. The patch is named aefaabfd7527188bfba3c8c9eee17c316d094802. It is recommended to upgrade the affected component. The project was informed beforehand and acted very professionally: \"We have implemented path validity checks on parameters for the template download interface (...)\"","modified":"2026-04-12T20:14:12.184600Z","published":"2026-02-25T16:23:30.203Z","references":[{"type":"WEB","url":"https://vuldb.com/?submit.754041"},{"type":"WEB","url":"https://github.com/feiyuchuixue/sz-boot-parent/"},{"type":"WEB","url":"https://github.com/feiyuchuixue/sz-boot-parent/releases/tag/v1.3.3-beta"},{"type":"WEB","url":"https://github.com/yuccun/CVE/blob/main/sz-boot-parent-Path_Traversal_to_Arbitrary_Resource_File_Read.md"},{"type":"WEB","url":"https://vuldb.com/?ctiid.347746"},{"type":"WEB","url":"https://vuldb.com/?id.347746"},{"type":"FIX","url":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/feiyuchuixue/sz-boot-parent","events":[{"introduced":"0"},{"fixed":"aefaabfd7527188bfba3c8c9eee17c316d094802"}]},{"type":"GIT","repo":"https://github.com/feiyuchuixue/sz-boot-parent","events":[{"introduced":"0"},{"fixed":"aa006068f35ea29944af1a4f7112c9cced57a10c"}]}],"versions":["v0.6.0","v0.6.1","v0.6.2","v0.6.3","v0.6.4","v0.7.10","v0.7.11","v0.7.2","v0.7.3","v0.7.4","v0.7.5","v0.7.6","v0.7.7","v0.7.8","v0.7.9","v0.8.0","v0.8.1","v0.8.2","v0.8.3","v0.8.4","v0.8.5","v0.8.6","v0.8.7","v0.8.8","v0
.9.0","v1.0.0-beta","v1.0.1-beta","v1.1.0-beta","v1.2.0-beta","v1.2.1-beta","v1.2.2-beta","v1.2.3-beta","v1.2.4-beta","v1.2.5-beta","v1.2.6-beta","v1.3.0-beta","v1.3.1-beta","v1.3.2-beta"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3188.json","vanir_signatures":[{"digest":{"line_hashes":["323699978759532718635517452930014157374","278512815284875105518285646130543054351","36593422020877463883026974281695531237","272061730393614553358149570337127224283","53103655436858705070311452962028882628","44075739219662578324712019844678751771","327294547989315988770463799345714587219","239202637047055361717084429664878585266","286830467102291430063201447598526686506","278046516090588714991238521370842759171","458335260742716500581542517133734864","216810359571802661167438494342302831140","323131193342097975444505137381207414144","94591104986195072435463028310334849886","301282123361441700893620100181908019869"],"threshold":0.9},"signature_version":"v1","target":{"file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/CommonServiceImpl.java"},"signature_type":"Line","deprecated":false,"id":"CVE-2026-3188-03a875f0","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"function_hash":"91968328190997309201035462725446067993","length":1084},"signature_version":"v1","target":{"file":"sz-common/sz-common-oss/src/main/java/com/sz/oss/OssClient.java","function":"upload"},"signature_type":"Function","deprecated":false,"id":"CVE-2026-3188-1a1f17cb","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"function_hash":"148515232992734810439385593609049960115","length":1350},"signature_version":"v1","target":{"file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/CommonServiceImpl.java","function":"tempDownload"},"signature_type":"Function","deprecated"
:false,"id":"CVE-2026-3188-6dbb5e1a","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"function_hash":"308803253615992416229235436819114806219","length":468},"signature_version":"v1","target":{"file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/SysFileServiceImpl.java","function":"uploadFile"},"signature_type":"Function","deprecated":false,"id":"CVE-2026-3188-7b4f6945","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"line_hashes":["277942120457754224802171963001660316056","88837087369728294789047350726325442175","235235260745382181237867899821030565974","15742790080606154877780864469318451144","231192593096753076971379037027650252815","283608100241087537028963326420930173127","305846107919889889682150550143677653953","313352502671975385882582273382790166756"],"threshold":0.9},"signature_version":"v1","target":{"file":"sz-common/sz-common-core/src/main/java/com/sz/core/common/enums/CommonResponseEnum.java"},"signature_type":"Line","deprecated":false,"id":"CVE-2026-3188-863be5ed","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"function_hash":"225278081170458871218076099460204604216","length":611},"signature_version":"v1","target":{"file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/CommonServiceImpl.java","function":"urlDownload"},"signature_type":"Function","deprecated":false,"id":"CVE-2026-3188-99ab2139","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"line_hashes":["103138851156029986833163544553542688400","109618906410909670291605387106640317792","60778242656958474165163829742022739704","196975535504903561188456788947563278753","240200906823074802306116717207224145263","337650335776309080559168071809135516213","14006740788309524
6107825187588006492025","42294433730485082846360042258796992520","239791871285488964924840426468120753147","180561142787809721723887880360824244471","291039854275591684202010979994120181055","30839313325673629537549220149649326349","77685321241126713991814648024566266221"],"threshold":0.9},"signature_version":"v1","target":{"file":"sz-common/sz-common-oss/src/main/java/com/sz/oss/OssClient.java"},"signature_type":"Line","deprecated":false,"id":"CVE-2026-3188-b0bec15b","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"line_hashes":["219440635577386967702728018467494114535","274713120834129023108041582438663570771","332555259173332961810998646747950140923","116274267578782298374217174753197197545","83214300295503441277927501406928722994","245551531657935898725553262143855049599","303812482602061557159547400622892344696","243015244187948900821873619343399406478","36155483903363266227726369675222470404","302677085514228203606156016271870625560","79729122850387585055962612807087702634","280436730576346234974564080073639337604","296284648725456880477082201465509265358","338572306453143723672042702560475775543","15337108793607785757019877705392563981","78418422176974080163608964182484926822","290008086871022100423469916381280328026","227412099732104436736556730522483151363","32384376755146565297952128543851637210","247367233454898545863512972355923508535","288935083785579605236106196027180320286","159159567493344269134286897692888767198"],"threshold":0.9},"signature_version":"v1","target":{"file":"sz-service/sz-service-admin/src/main/java/com/sz/admin/system/service/impl/SysFileServiceImpl.java"},"signature_type":"Line","deprecated":false,"id":"CVE-2026-3188-d3a4ab97","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"line_hashes":["247997219865391784818402276383106638516","82476260474160191190619696386489110591"],"threshold":0.9},"signat
ure_version":"v1","target":{"file":"sz-common/sz-common-core/src/main/java/com/sz/core/util/Utils.java"},"signature_type":"Line","deprecated":false,"id":"CVE-2026-3188-f2e197dc","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"},{"digest":{"line_hashes":["37567395144001211202463691524831225894","165548830934288695250151783318675438571","151277052329436100383129648884142921812","258731638997879764379183999121629997132"],"threshold":0.9},"signature_version":"v1","target":{"file":"sz-common/sz-common-oss/src/main/java/com/sz/oss/OssProperties.java"},"signature_type":"Line","deprecated":false,"id":"CVE-2026-3188-f8c5b70a","source":"https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9eee17c316d094802"}],"vanir_signatures_modified":"2026-04-12T20:14:12Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}