[Exploit] Rolling Mill blueprint allows printing arbitrary items via NBT modification
Aurover opened this issue · 2 comments
Describe the bug
createaddition:rolling_mill is included in the blueprint printer’s safe_NBT. However, since it has an item tag, it can directly print any item contained within it. By modifying the NBT data, players can bypass restrictions and use the blueprint printer to obtain any illegal item.
To Reproduce
Steps to reproduce the behavior:
1. Obtain a blueprint print of createaddition:rolling_mill.
2. Modify its NBT item tag to any desired target item.
3. Insert it into the printer and execute the print operation.
4. Receive the modified illegal item.
Additional context
Mod version: 1.5.2
Forge version: Neoforge 21.1.203
Create version: 6.0.6
This vulnerability has been confirmed to be reproducible, and I hope the author can fix it soon. It should be relatively simple to address; however, this issue exists in a vast number of attachments, so these vulnerabilities will continue to appear.
To prevent this, I have a project on GitHub that you can refer to; it can directly remove any creations or tagged vulnerabilities and also clean up blacklisted blocks and items based on rules. Even if this vulnerability is not fixed, the removal function of this project will still prevent triggering this vulnerability or any similar ones.
GitHub Project
Before this vulnerability is patched, server owners with Create servers can give it a try:
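An added illustration, not part of the issue and not the project linked above: a server-side audit that flags and strips item-stack data carried in the NBT of blocks whose NBT the printer copies unchanged. The blueprint is modelled as already-parsed NBT in plain Python dicts; the entry layout, key names and sample item are constructed placeholders, not the mod's real data format.

```python
# Added example: audit block-entity NBT in a blueprint before it is printed.
SAFE_NBT_BLOCKS = {"createaddition:rolling_mill"}  # block named in the report

# Constructed sample; "Inventory"/"Items" are placeholder key names.
BLUEPRINT = [
    {"block": "createaddition:rolling_mill",
     "nbt": {"id": "createaddition:rolling_mill",
             "Inventory": {"Items": [
                 {"Slot": 0, "id": "minecraft:bedrock", "count": 64}]},
             "Speed": 32.0}},
    {"block": "minecraft:stone", "nbt": {}},
]

def looks_like_item_stack(node):
    """Item stacks serialize as a compound with a string "id" and a count
    ("count" on 1.20.5+, "Count" on older versions)."""
    return (isinstance(node, dict)
            and isinstance(node.get("id"), str)
            and ("count" in node or "Count" in node))

def find_item_stacks(node, path=""):
    """Return (path, item_id) for every item-stack-shaped compound."""
    hits = []
    if looks_like_item_stack(node):
        hits.append((path or "/", node["id"]))
    if isinstance(node, dict):
        for key, value in node.items():
            hits += find_item_stacks(value, f"{path}/{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits += find_item_stacks(value, f"{path}[{i}]")
    return hits

def strip_item_stacks(node):
    """Return a copy of the NBT with every item-stack compound removed."""
    if isinstance(node, dict):
        return {k: strip_item_stacks(v) for k, v in node.items()
                if not looks_like_item_stack(v)}
    if isinstance(node, list):
        return [strip_item_stacks(v) for v in node
                if not looks_like_item_stack(v)]
    return node

def audit(blueprint, allowlist):
    """Map entry index -> item stacks found in NBT that is copied as-is."""
    found = {i: find_item_stacks(e["nbt"]) for i, e in enumerate(blueprint)
             if e["block"] in allowlist}
    return {i: hits for i, hits in found.items() if hits}

if __name__ == "__main__":
    print(audit(BLUEPRINT, SAFE_NBT_BLOCKS))
```

The same walk works as a reject-on-find gate: refuse to print any blueprint for which `audit` returns a non-empty result instead of silently stripping it.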