← Zuruck zu CVEs
CVE-2026-27939
HIGH8.8
Beschreibung
Statmatic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended verification step. This can allow access to sensitive operations and, depending on the user’s existing permissions, may lead to privilege escalation. This has been fixed in 6.4.0.
CVE Details
CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht2/27/2026
Zuletzt geandert3/10/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
statamic:statamic
Schwachen (CWE)
CWE-287
Referenzen
https://github.com/statamic/cms/commit/8639ef96217eaa682bc42e8a62769cb7c6a85d3a(security-advisories@github.com)
https://github.com/statamic/cms/security/advisories/GHSA-rw9x-pxqx-q789(security-advisories@github.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.