CVE-2026-1836 | Redmine up to 5.0.13/5.1.9/6.0.6 password recoverable

A vulnerability marked as problematic has been reported in Redmine up to 5.0.13/5.1.9/6.0.6. This impacts an unknown function. The manipulation leads to storing passwords in a recoverable format.

This vulnerability is uniquely identified as CVE-2026-1836. Local access is required to approach this attack. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More