A vulnerability, which was classified as critical, was found in Xen XAPI. The affected element is an unknown function of the component Configuration Handler. Executing a manipulation of the argument VBD.other_config:backend-local/VM.other-config:is_system_domain/VM.other_config:storage_driver_domain/VM.platform:hvm_serial can lead to improper access controls.

This vulnerability appears as CVE-2026-23559. The attack may be performed from remote. There is no available exploit.