CVE-2026-5781 in Minervainfo

Zusammenfassung

von MITRE • 28.04.2026

An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitation of this vulnerability could allow an authenticated user to obtain administrator privileges. It is not possible to escalate privileges through the graphical user interface.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

INCIBE

Reservieren

08.04.2026

Veröffentlichung

28.04.2026

Moderieren

akzeptiert

Eintrag

VDB-359970

CPE

bereit

CWE

CWE-285 (bestätigt)

CVSS

8.8 (NVD)

EPSS

0.00050

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-5781
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-5781
CVE Details	https://www.cvedetails.com/cve/CVE-2026-5781/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!