A vulnerability was found in Craft CMS up to 4.17.7/5.9.13 . It has been declared as problematic . Impacted is an unknown function. The manipulation results in authorization bypass. This vulnerability is known as CVE-2026-56385 . It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.