A vulnerability, which was classified as critical , was found in ci4-cms-erp ci4ms 0.28.5.0 . Affected is an unknown function. The manipulation results in improper access controls. This vulnerability is cataloged as CVE-2026-34572 . The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.