A vulnerability classified as critical was found in OpenRemote Manager up to 1.24.1 . Affected by this issue is the function removeAlarms of the component Bulk Deletion Endpoint . Such manipulation leads to authorization bypass. This vulnerability is referenced as CVE-2026-56784 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.