Security Advisory

CVE-2026-40185

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-10 19:40:16
Last updated 2026-04-15 15:09:36
Assigner GitHub_M
State PUBLISHED

Description

TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2.