PT-2026-2295 · Lychee · Lychee

Chakradhar1228

·

Published

2026-01-12

·

Updated

2026-01-12

·

CVE-2026-22784

CVSS v3.1

4.3

Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Lychee versions prior to 7.1.0

Description

Lychee is a free, open-source photo-management tool. A flaw exists in the album password unlock functionality that could allow users to gain unauthorized access to other users' password-protected albums. When a user unlocks a password-protected public album, the system automatically unlocks all other public albums sharing the same password, bypassing authorization controls.

Recommendations

Update to version 7.1.0 or later.
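
The authorization flaw described above, as an added example: a simplified Python model, not Lychee's code and not the actual 7.1.0 patch. All names (`Album`, `unlock_flawed`, `unlock_scoped`) and the sample albums are hypothetical; it contrasts a session grant that spreads to every album accepting the submitted password with one scoped to the requested album.

```python
import hashlib, hmac, os
from dataclasses import dataclass

@dataclass
class Album:
    id: str
    owner: str
    salt: bytes
    pw_hash: bytes

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

def make_album(album_id: str, owner: str, password: str) -> Album:
    salt = os.urandom(16)
    return Album(album_id, owner, salt, _hash(password, salt))

def _matches(album: Album, password: str) -> bool:
    return hmac.compare_digest(album.pw_hash, _hash(password, album.salt))

def unlock_flawed(albums: dict, session: set, album_id: str, password: str) -> bool:
    """Models the described behaviour: a correct password for one album
    also unlocks every other album that accepts the same password."""
    album = albums.get(album_id)
    if album is None or not _matches(album, password):
        return False
    for other in albums.values():
        if _matches(other, password):
            session.add(other.id)      # grant is not tied to the request
    return True

def unlock_scoped(albums: dict, session: set, album_id: str, password: str) -> bool:
    """Grants access only to the album named in the request."""
    album = albums.get(album_id)
    if album is None or not _matches(album, password):
        return False
    session.add(album.id)
    return True

def demo():
    # Constructed sample data: two owners happen to reuse one password.
    albums = {a.id: a for a in (
        make_album("alice-trip", "alice", "summer2025"),
        make_album("bob-family", "bob", "summer2025"),
        make_album("carol-work", "carol", "different"),
    )}
    flawed, scoped = set(), set()
    unlock_flawed(albums, flawed, "alice-trip", "summer2025")
    unlock_scoped(albums, scoped, "alice-trip", "summer2025")
    return flawed, scoped
```

A regression test for this class of bug asserts that the unlocked set after one unlock request contains exactly the requested album ID.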

Exploit

Fix

Incorrect Authorization

Weakness Enumeration

Related identifiers

CVE-2026-22784
GHSA-JJ56-2C54-4F25

Affected products

Lychee