CVE-2026-33318
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.8 / 10
Vulnerability Description
Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
@actual-app/sync-server
Discussion (0)
Add Comment
No comments yet. Be the first!