CVE-2026-37106: DokuWiki: DokuWiki: Unauthorized account creation via registration function

Severity: Critical

CVSS Score: 9.8

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration (a non-default feature).