A vulnerability described as critical has been identified in Cleanuparr up to 2.9.9 . Affected by this issue is some unknown functionality of the component X-Forwarded-For Handler . Executing a manipulation can lead to authentication bypass by spoofing. This vulnerability appears as CVE-2026-44183 . The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.