[MEDIUM] Snipe-IT Vulnerable to User Account Escalation via CSV Import

PKSA-sr4q-gvr6-k14n CVE-2026-49976 GHSA-p68w-rgmg-3c2v

Affected package: snipe/snipe-it

Affected version: <8.6.0

Reported by:
GitHub