A vulnerability categorized as problematic has been discovered in Craft CMS up to 4.17.4/5.9.10 . The affected element is an unknown function. The manipulation results in use of externally-controlled input to select classes or code. This vulnerability is cataloged as CVE-2026-32264 . The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.