CVE-2026-45332 | marcantondahmen automad up to 2.0.0-beta.27 Password Hash create-first-user information disclosure (GHSA-xm76-r88j-vm3g)

A vulnerability, which was classified as problematic, was found in marcantondahmen automad up to 2.0.0-beta.27. This affects an unknown function of the file /_api/user-collection/create-first-user of the component Password Hash Handler. The manipulation results in information disclosure.

This vulnerability was named CVE-2026-45332. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More