Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Zhanghuanhao Library System 1.1.1: Unrestricted Access to User Data
CVE-2026-2549
Summary
A security issue was found in Zhanghuanhao Library System version 1.1.1 that could allow an attacker to access sensitive information without permission. This is a significant concern because it could lead to unauthorized access to user data. We recommend that the developers of the system review and fix this issue as soon as possible to prevent any potential misuse.
Original title
A vulnerability has been found in zhanghuanhao LibrarySystem 图书馆管理系统 up to 1.1.1. This impacts an unknown function of the file BookController.java. The manipulation leads to improper access control...
Original description
A vulnerability has been found in zhanghuanhao LibrarySystem 图书馆管理系统 up to 1.1.1. This impacts an unknown function of the file BookController.java. The manipulation leads to improper access controls. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-266
Incorrect Privilege Assignment
CWE-284
Improper Access Control
Published: 16 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026