CVE-2026-36723 — An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from tempo — CVE Database · The Intelligence Room