CVE-2026-47366

Published Jun 12, 2026

Last updated 2 days ago

CVSS high 7.2

Overview

Description
Improper verification of access permissions when modifying permissions through the Administration Control Panel (ACP) allowed an authenticated administrator to grant permissions beyond the level authorized for their account, resulting in privilege escalation within the administrative interface.
Source
support@hackerone.com
NVD status
Deferred

Risk scores

CVSS 3.0

Type
Secondary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

support@hackerone.com
CWE-284

Social media

Hype score
Not currently trending

  1. 🚨*CVE* CVE-2026-47366 Improper verification of access permissions when modifying permissions through the Administration Control Panel (ACP) allowed an authenticated administrator to grant … https://t.co/09sfOLOKbI ----- Traducción: CVE-2026-47366 Ver… https://t.co/utmtNg

    @infoflowcloud

    12 Jun 2026

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.