A vulnerability classified as problematic was found in grokability Snipe-IT up to 8.5.x. This affects the function
UsersController::update of the component Permission Management. Such manipulation leads to improper authorization.
This vulnerability is traded as CVE-2026-55843. The attack may be launched remotely. There is no exploit available.