CVE-2026-29199 | phpBB up to 3.3.15 Header Validation force_server_vars password recovery

A vulnerability, which was classified as problematic, was found in phpBB up to 3.3.15. This issue affects the function force_server_vars of the component Header Validation Handler. The manipulation results in weak password recovery.

This vulnerability is identified as CVE-2026-29199. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More