Filtered by vendor Immich-app
Subscriptions
Filtered by product Immich
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23896 | 1 Immich-app | 1 Immich | 2026-01-30 | 7.2 High |
| immich is a high performance self-hosted photo and video management solution. Prior to version 2.5.0, API keys can escalate their own permissions by calling the update endpoint, allowing a low-privilege API key to grant itself full administrative access to the system. Version 2.5.0 fixes the issue. | ||||
Page 1 of 1.