A vulnerability was found in Grokability Snipe-IT up to 8.5.x and classified as problematic . Affected by this issue is some unknown functionality of the component Password Reset Handler . The manipulation results in incorrect authorization. This vulnerability is reported as CVE-2026-48507 . The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.