A vulnerability marked as problematic has been reported in Outline up to 1.7.0 . This issue affects the function subscriptions.create of the component API Endpoint . This manipulation causes authorization bypass. This vulnerability is registered as CVE-2026-43890 . Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.