CVE-2026-26067 | October CMS up to 3.7.13/4.1.9 CSS Preprocessor File authorization

A vulnerability, which was classified as problematic, was found in October CMS up to 3.7.13/4.1.9. This affects an unknown part of the component CSS Preprocessor File Handler. Such manipulation leads to incorrect authorization.

This vulnerability is traded as CVE-2026-26067. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More