CVE-2026-42609: CWE-269: Improper Privilege Management in getgrav grav
Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a business logic vulnerability in the Grav Admin Panel allows a low-privileged user (with only user creation permissions) to overwrite existing accounts, including the primary administrator. By creating a new user with a username that already exists, the system updates the existing account's metadata and permissions instead of rejecting the request. This leads to a Denial of Service (DoS) on administrative functions and Privilege De-escalation of the root account. This vulnerability is fixed in 2.0.0-beta.2.
AI Analysis
Technical Summary
CVE-2026-42609 is an improper privilege management vulnerability (CWE-269) in the Grav Admin Panel before version 2.0.0-beta.2. It allows a user with limited permissions (only user creation rights) to overwrite existing user accounts by creating a new user with a username that already exists. Instead of rejecting the duplicate username, the system updates the existing account's metadata and permissions. This leads to denial of service on admin functions and privilege de-escalation of the root account. The vulnerability has a CVSS 3.1 score of 8.1, indicating high severity. No known exploits in the wild have been reported. A fix is available in Grav version 2.0.0-beta.2.
Potential Impact
An attacker with low privileges can overwrite existing user accounts, including the primary administrator, causing denial of service to administrative functions and reducing the privileges of the root account. This can disrupt administrative control and potentially weaken system security.
Mitigation Recommendations
Upgrade Grav to version 2.0.0-beta.2 or later, where this vulnerability is fixed. Since the vendor advisory confirms the fix in this version, applying this update is the recommended remediation. Patch status beyond this version is not explicitly stated, so verify with the vendor for any further updates.
CVE-2026-42609: CWE-269: Improper Privilege Management in getgrav grav
Description
Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a business logic vulnerability in the Grav Admin Panel allows a low-privileged user (with only user creation permissions) to overwrite existing accounts, including the primary administrator. By creating a new user with a username that already exists, the system updates the existing account's metadata and permissions instead of rejecting the request. This leads to a Denial of Service (DoS) on administrative functions and Privilege De-escalation of the root account. This vulnerability is fixed in 2.0.0-beta.2.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-42609 is an improper privilege management vulnerability (CWE-269) in the Grav Admin Panel before version 2.0.0-beta.2. It allows a user with limited permissions (only user creation rights) to overwrite existing user accounts by creating a new user with a username that already exists. Instead of rejecting the duplicate username, the system updates the existing account's metadata and permissions. This leads to denial of service on admin functions and privilege de-escalation of the root account. The vulnerability has a CVSS 3.1 score of 8.1, indicating high severity. No known exploits in the wild have been reported. A fix is available in Grav version 2.0.0-beta.2.
Potential Impact
An attacker with low privileges can overwrite existing user accounts, including the primary administrator, causing denial of service to administrative functions and reducing the privileges of the root account. This can disrupt administrative control and potentially weaken system security.
Mitigation Recommendations
Upgrade Grav to version 2.0.0-beta.2 or later, where this vulnerability is fixed. Since the vendor advisory confirms the fix in this version, applying this update is the recommended remediation. Patch status beyond this version is not explicitly stated, so verify with the vendor for any further updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-29T00:31:15.725Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a01f78ecbff5d86102f2035
Added to database: 5/11/2026, 3:36:46 PM
Last enriched: 5/11/2026, 3:54:06 PM
Last updated: 5/12/2026, 3:52:59 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.