If the 2FA was activated, it was possible to bypass the password authentication
This is fixed in the version 0.112. Users should upgrade to this version as soon as possible.
"https://github.com/pypa/advisory-database/blob/main/vulns/ajenti-plugin-core/PYSEC-2026-266.yaml"