Home / Vulnerability Intelligence / CVE-2026-33707

CVE-2026-33707 - Vulnerability Analysis

CriticalCVSS: 9.4

Last Updated: April 10, 2026

Chamilo LMS - Authentication Bypass

Published: April 10, 2026Updated: April 10, 2026Remote Exploitable

Overview

Chamilo LMS < 1.11.38 and < 2.0.0-RC.3 contains an authentication bypass caused by predictable password reset tokens generated using sha1($email) without randomness, expiration, or rate limiting, letting attackers reset passwords knowing only the user's email.

Severity & Score

Severity: Critical

CVSS Score: 9.4

Impact

Attackers can reset any user's password without authentication, leading to full account takeover.

Mitigation

Upgrade to versions 1.11.38 or 2.0.0-RC.3 or later.

References

https://github.com/chamilo/chamilo-lms/commit/078d7e5b77679fa7ccfcd6783bd5cc683db0bda8
https://github.com/chamilo/chamilo-lms/commit/750a45312a0d5c3ad60dbfbd0d959ca40be4a18c
https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-f27g-66gq-g7v2

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-33707
Severity: Critical
CVSS Score: 9.4
Type: broken_authentication
Status: new

CWE

CWE-640

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L