DokuWiki: Controversial Account Vulnerability (CVE-2026-37106)


This text was generated using artificial intelligence (AI).In the widely used open-source wiki software DokuWiki is defined as CVE-2026-37106 A reported vulnerability was discussed, which the National Vulnerability Database (NVD) assigned a CVSS score of 9.8 is classified as. Contrary to what was reported initially, it is not related to remote code execution, but rather the ability to create a user account using the registration function (register in inc/auth.php). The manufacturer disputes the classification as a vulnerability: This behavior is intended once the optional self-registration feature is enabled—a feature that, in the default configuration, disabled is. This article provides an objective analysis of the report.