A vulnerability categorized as critical has been discovered in SourceCodester Student Grades Management System 1.0 . Affected by this vulnerability is the function getClassroomStudents/removeStudentFromClassroom of the file classroom.php . Executing a manipulation of the argument classroom_id can lead to improper authorization. The identification of this vulnerability is CVE-2026-9484 . The attack may be launched remotely. Furthermore, there is an exploit available.