[HIGH] Craft CMS: GraphQL Asset Mutation Privilege Escalation

PKSA-zjy6-pdtw-mck8 CVE-2026-25497 GHSA-fxp3-g6gw-4r4v

Affected package: craftcms/cms

Affected version: >=4.0.0-RC1,<4.17.0-beta.1|>=5.0.0-RC1,<5.9.0-beta.1

Reported by:
GitHub