A vulnerability was found in haxtheweb haxcms-php up to 25.x . It has been rated as problematic . The impacted element is an unknown function. Performing a manipulation results in authorization bypass. This vulnerability is identified as CVE-2026-46390 . The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.