A vulnerability, which was classified as critical, has been found in getgrav Grav up to 2.0.3. Affected by this vulnerability is an unknown functionality of the component Grav API. The manipulation of the argument jti leads to session expiration.

This vulnerability is uniquely identified as CVE-2026-61452. The attack is possible to be carried out remotely. No exploit exists.