CVE-2026-42070 | mantisbt Mantis Bug Tracker up to 2.28.1 Setting mc_issue_update authorization

A vulnerability, which was classified as critical, has been found in mantisbt Mantis Bug Tracker up to 2.28.1. This vulnerability affects the function mc_issue_update of the component Setting Handler. The manipulation leads to incorrect authorization.

This vulnerability is documented as CVE-2026-42070. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More