A vulnerability categorized as critical has been discovered in Koha up to 25.11 . Impacted is an unknown function of the component Configuration Handler . The manipulation results in privilege escalation. This vulnerability was named CVE-2026-26379 . The attack may be performed from remote. There is no available exploit.