CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Description (NVD)
blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is generated and stored alongside a password_reset_at timestamp. However, the token redemption function findUserIDFromEmailAndToken() queries only for a matching email + password_reset token pair - it does not check whether the password_reset_at timestamp has elapsed any maximum window. A generated reset token is valid indefinitely until it is explicitly consumed or overwritten by a subsequent reset request. This vulnerability is fixed in 4.2.0.
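The lookup described above next to a time-bounded version, as an added example that is not blueprintUE's own code. The column names `password_reset` and `password_reset_at` come from the description; the table layout, integer epoch timestamps, one-hour window and Python function names are assumptions made for illustration.

```python
import sqlite3

RESET_WINDOW_SECONDS = 3600  # assumed 1-hour window; the page gives no value

def make_db(now):
    """Constructed users table: one fresh token, one issued 90 days ago."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE,"
               " password_reset TEXT, password_reset_at INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", [
        (1, "fresh@example.test", "tok-fresh", now - 600),
        (2, "stale@example.test", "tok-stale", now - 90 * 86400),
    ])
    return db

def find_user_id_unbounded(db, email, token):
    """Lookup as the description states it: email + token only, no age check."""
    row = db.execute(
        "SELECT id FROM users WHERE email = ? AND password_reset = ?",
        (email, token)).fetchone()
    return row[0] if row else None

def find_user_id_bounded(db, email, token, now):
    """Same lookup, additionally requiring password_reset_at inside the window."""
    row = db.execute(
        "SELECT id FROM users WHERE email = ? AND password_reset = ?"
        " AND password_reset_at IS NOT NULL AND password_reset_at >= ?",
        (email, token, now - RESET_WINDOW_SECONDS)).fetchone()
    return row[0] if row else None

def purge_stale_tokens(db, now):
    """Clear tokens already past the window; returns the number of rows cleared."""
    cur = db.execute(
        "UPDATE users SET password_reset = NULL, password_reset_at = NULL"
        " WHERE password_reset IS NOT NULL"
        " AND (password_reset_at IS NULL OR password_reset_at < ?)",
        (now - RESET_WINDOW_SECONDS,))
    db.commit()
    return cur.rowcount

if __name__ == "__main__":
    NOW = 1_800_000_000  # constructed fixed clock for a repeatable run
    db = make_db(NOW)
    print("unbounded, stale token:", find_user_id_unbounded(db, "stale@example.test", "tok-stale"))
    print("bounded, stale token:  ", find_user_id_bounded(db, "stale@example.test", "tok-stale", NOW))
    print("stale tokens purged:   ", purge_stale_tokens(db, NOW))
```

The purge step covers tokens issued before the age check existed, which otherwise stay in the table until consumed or overwritten.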
Analysis (AI)
Password reset tokens in blueprintUE self-hosted edition remain valid indefinitely, allowing attackers who intercept a reset link to compromise accounts at any future time. The vulnerability affects all versions prior to 4.2.0. …
Remediation (AI)
Within 24 hours: Inventory all blueprintUE self-hosted deployments and document current version numbers; notify users of the indefinite token validity risk and recommend immediate password changes if reset emails were sent recently. Within 7 days: Implement network segmentation to restrict password reset email delivery to trusted channels only; enable email encryption (TLS) for all password reset communications. …
EUVD-2026-24181