CVE-2026-53911 — Cerebrate before version 1.37 allowed the id primary key field to be supplied through request input during CRUD edit operations and certain custom entity patching flows. In affected entities that did — CVE Database · The Intelligence Room