A vulnerability identified as critical has been detected in Apache OFBiz up to 24.09.05 . This affects an unknown part of the component Password-Change . This manipulation causes improper authentication. This vulnerability is tracked as CVE-2026-45434 . The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.