A vulnerability, which was classified as critical , was found in l3montree-dev devguard up to 1.4.1 . This issue affects some unknown processing of the file vex.json of the component DevGuard API . The manipulation results in improper authorization. This vulnerability is identified as CVE-2026-48089 . The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.