CVE-2026-40349 | leepeuker movary up to 0.71.0 Endpoint /settings/users/ authorization (GHSA-mcfq-8rx7-w25v)

A vulnerability described as critical has been identified in leepeuker movary up to 0.71.0. The affected element is an unknown function of the file /settings/users/ of the component Endpoint. The manipulation results in missing authorization.

This vulnerability was named CVE-2026-40349. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More