CVE-2026-55885 Grav: Admin Backup Zip File Exposes Account Credentials and Configuration Secrets
Grav is a file-based Web platform. Prior to 1.7.53, an authenticated administrator with backup permissions can download a ZIP archive containing the full Grav installation root, including user/accounts/admin.yaml with the administrator password hash and user/config with site configuration, throug...