CVE-2026-40291 | Chamilo LMS up to 2.0-RC.2 /api/users/ privileges management

A vulnerability categorized as critical has been discovered in Chamilo LMS up to 2.0-RC.2. This impacts an unknown function of the file /api/users/. Executing a manipulation can lead to improper privilege management.

This vulnerability is tracked as CVE-2026-40291. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More