CVE-2026-23754 D-Link D-View 8 API Endpoint authorization

A very critical vulnerability, CVE-2026-23754, has been identified in D-Link D-View 8 up to version 2.0.1.107, specifically within the API Endpoint component. This flaw allows any authenticated user to manipulate the user_id argument to access and impersonate other users, including administrators, by retrieving sensitive credential data.