Vendor
A high-severity authentication bypass vulnerability (CVE-2026-14622) exists in the jairiidriss restaurant-website-php-mysql web application's AJAX Endpoint, specifically affecting the /admin/ajax_files component, allowing remote unauthenticated attackers to gain unauthorized access to sensitive functionalities, with public exploit code increasing immediate risk.