A vulnerability was found in getgrav Grav up to 1.0.2 and classified as critical. This affects the function
HandlesMediaUploads::processUploadedFile of the file /api/v1/media of the component SVG File Handler. Such manipulation leads to unrestricted upload.
This vulnerability is listed as CVE-2026-61456. The attack may be performed from remote. There is no available exploit.