CVE-2025-43856 | immich up to 1.131.x /user-settings incorrect implementation of authentication algorithm (GHSA-3832-6r8h-9cfm)

A vulnerability was found in immich up to 1.131.x. It has been classified as critical. Affected is an unknown function of the file /user-settings. The manipulation leads to incorrect implementation of authentication algorithm.

This vulnerability is traded as CVE-2025-43856. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More