Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.