Blueprintue Blueprintue-self-hosted-edition
4 CVEs affecting Blueprintue Blueprintue-self-hosted-edition. Latest disclosed: 2026-04-21. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40588 | High | 8.1 | 2026-04-21 | blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the password change form at /profile/{slug}/edit/ does not include a current_password f… |
CVE-2026-40586 | High | 7.5 | 2026-04-21 | blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attemp… |
CVE-2026-40585 | High | 7.4 | 2026-04-21 | blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is generated and store… |
CVE-2026-40587 | Medium | 6.5 | 2026-04-21 | blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a user changes their password via the profile edit page, or when a password reset… |