A vulnerability was found in WebPros Comet Backup up to 26.1.1/26.2.1 . It has been declared as problematic . This affects an unknown function of the component API Call Handler . Executing a manipulation can lead to authorization bypass. This vulnerability is registered as CVE-2026-29200 . It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.