CVE-2026-42176 | Erudika scoold up to 1.66.x Setting /api/config/set/admins missing authentication

A vulnerability classified as critical was found in Erudika scoold up to 1.66.x. Impacted is an unknown function of the file /api/config/set/admins of the component Setting Handler. The manipulation results in missing authentication.

This vulnerability is cataloged as CVE-2026-42176. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More