CVE-2026-35223 | Joomla CMS up to 5.4.5/6.1.0 com_config access control
A vulnerability, which was classified as critical, has been found in Joomla CMS up to 5.4.5/6.1.0. The affected element is an unknown function of the component com_config. The manipulation leads to improper access controls.
This vulnerability is listed as CVE-2026-35223. The attack may be initiated remotely. There is no available exploit.
It is advisable to upgrade the affected component.