CVE-2026-44986 | Penpot up to 2.14.4 Session Management auth.clj register-profile email improper authentication

SecurityVulns

A vulnerability was found in Penpot up to 2.14.4. It has been declared as critical. This vulnerability affects the function register-profile of the file auth.clj of the component Session Management. Executing a manipulation of the argument email can lead to improper authentication.

The identification of this vulnerability is CVE-2026-44986. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More