If a user attempts to use the "forgot password" function at the frontend, the assigned user groups are lost.
Only the public group is active.
Normally the user groups should not be changed by a use of the "forgot password" function.
Yes, I have the same issue.
After resetting the password all user group assignments are gone. Very annoying... I have to reassign all the users to the groups every time they reset their passwords.
I also noticed that the Joomla log displays that a new user is being registered instead of a password reset. Maybe Joomla tries to register the existing user once more when the forgot-password function is used? Accordingly all user groups are overwritten.
PS: I have no extensions installed
If this was happening with just core user management then there would be thousands of reports. What extensions do you have installed - especially any plugins or components to manage login?
I see that you now have updated the title to indicate that this report is for Joomla 4. I had assumed from the way that you wrote that you were referring to a live site and therefore a Joomla 3 site.
I have done a few tests. In each test there has been a change in the assigned user groups although not consistently the same groups.
In addition as can be seen in the screenshots the user account is no longer marked as active.
Both of these are very serious issues so thank you for reporting them and I apologise again for misunderstanding that you were referring to joomla 3.
@richard67 please upgrade this to a release blocker
@joomla/security please review this as it's a clear security issue
I can confirm the issue. Just tried and see the same error. I will look at it.
@joomdonation I double checked it a few times on J3 and no problem with the groups there
I only check on J4 as the reported issue is for J4.
So here is what I found:
->whereIn($this->_db->quoteName('id'), array_values($this->groups));
This should be a release blocker surely right?
This looks like a PHP 8 issue. Please report your PHP versions.
My PHP version is 7.4.14
ok cool maybe I was wrong then, well the proposed fix of using array_values()
has been the fix for a lot of PHP 8 compatibility issues.
not php 8
Status | New | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-04-03 21:31:48 |
Closed_By | ⇒ | Quy | |
Can not confirm