A vulnerability, which was classified as critical , was found in Revive Adserver up to 6.0.7 . Affected by this vulnerability is the function ox.login . Executing a manipulation can lead to improper access controls. This vulnerability is registered as CVE-2026-50744 . It is possible to launch the attack remotely. No exploit is available.