A vulnerability identified as critical has been detected in Craft CMS up to 4.17.5/5.9.11 . The impacted element is an unknown function. This manipulation causes incorrect authorization. This vulnerability is registered as CVE-2026-32267 . Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.