Title: Missing Authentication for Critical Function in Himool ERP 2.2 Product: Himool ERP 2.2 Vulnerability Type: Memory Corruption due to Missing Authentication Description: Unauthenticated access to the endpoint allows for arbitrary creation or modification of company accounts. Severity: High (Implied by the points and detailed description) Source: https://github.com/caigo8/CVE-md/blob/main/BoxwoodERP/%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE.md Submitter: alunxzhou (UID 91433) Submission Date: November 11, 2025, at 11:43 AM Moderation Date: December 5, 2025, at 9:45 AM Status: Accepted VulDB Entry: 334479 (Relates to Himool ERP up to version 2.2 with improper authorization) Points: 16