CVE-2026-42610 | getgrav up to 2.0.0-beta.1 Password Hash grav[‘accounts’] authorization

A vulnerability, which was classified as problematic, was found in getgrav grav up to 2.0.0-beta.1. This issue affects some unknown processing of the component Password Hash Handler. Such manipulation of the argument grav[‘accounts’] leads to incorrect authorization.

This vulnerability is referenced as CVE-2026-42610. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More