CVE-2026-34370 | Chamilo LMS up to 2.0.0-RC.2 Notebook updateNote/delete_note notebook_id improper authorization

A vulnerability was found in Chamilo LMS up to 2.0.0-RC.2. It has been declared as critical. The affected element is the function updateNote/delete_note of the component Notebook Module. The manipulation of the argument notebook_id results in improper authorization.

This vulnerability is cataloged as CVE-2026-34370. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More