A vulnerability described as critical has been identified in efwGrp efw4.X up to 4.08.9 . This vulnerability affects the function elfinder_checkRisk . Such manipulation leads to incorrect authorization. This vulnerability is referenced as CVE-2026-44260 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.