CVE Catalog

CVE-2026-57518

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.48%

38th percentile — higher than 38% of all known CVEs

Summary

Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to assign arbitrary custom roles to themselves due to missing authorization checks in UserApiController::saveAction(). Attackers can assign themselves a custom role with the 'system: manage packages' permission and then upload and install a malicious PHP package through the admin package installer to achieve remote code execution.

Risk Assessment

The risk for the organization includes the possibility of full system takeover by an authenticated user, potentially leading to data theft, content modification, or further attacks on the infrastructure.

Recommendation

It is recommended to immediately update Pagekit CMS to the latest version that fixes this vulnerability, and restrict the 'user: manage users' permission to trusted administrators only.

Original NVD description (English source)

Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escalate privileges by assigning arbitrary custom roles to themselves due to missing authorization checks in UserApiController::saveAction(). Attackers can assign themselves a custom role with the 'system: manage packages' permission and then upload and install a malicious PHP package through the admin package installer to achieve remote code execution.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS