CVE-2026-34406 | APTRS up to 2.0.0 /api/auth/edituser/ edit_user dynamically-determined object attributes (GHSA-gv25-wp4h-9c35)

A vulnerability identified as critical has been detected in APTRS up to 2.0.0. This issue affects the function edit_user of the file /api/auth/edituser/. The manipulation leads to dynamically-determined object attributes.

This vulnerability is referenced as CVE-2026-34406. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More