{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35182", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-01T17:26:21.133Z", "datePublished": "2026-04-06T19:10:28.850Z", "dateUpdated": "2026-04-06T19:10:28.850Z"}, "containers": {"cna": {"title": "Missing Authorization Privilege Escalation", "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "lang": "en", "description": "CWE-862: Missing Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/Ajax30/BraveCMS-2.0/security/advisories/GHSA-g58h-mvjw-f4hv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Ajax30/BraveCMS-2.0/security/advisories/GHSA-g58h-mvjw-f4hv"}], "affected": [{"vendor": "Ajax30", "product": "BraveCMS-2.0", "versions": [{"version": "< 2.0.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-06T19:10:28.850Z"}, "descriptions": [{"lang": "en", "value": "Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/{id} lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to change account roles and promote themselves to Super Admin. This vulnerability is fixed in 2.0.6."}], "source": {"advisory": "GHSA-g58h-mvjw-f4hv", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/{id} lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to change account roles and promote themselves to Super Admin. This vulnerability is fixed in 2.0.6."}], "id": "CVE-2026-35182", "lastModified": "2026-04-06T20:16:26.553", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-06T20:16:26.553", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/Ajax30/BraveCMS-2.0/security/advisories/GHSA-g58h-mvjw-f4hv"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.0.6)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "BraveCMS-2.0", "source": "cna", "vendor": "Ajax30"}, "product": "bravecms-2.0", "vendor": "ajax30"}], "analysis": {"en": {"generated_at": "2026-04-07T01:38:34.116998+00:00", "value": {"mitigation_remediation": ["Upgrade BraveCMS to version 2.0.6 or later."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation to Super Admin"}, "threat_synthesis": {"affected_systems": "The problem exists in Ajax30\u2019s BraveCMS versions earlier than 2.0.6. All releases through 2.0.5 are affected; the issue was fixed in 2.0.6 and later versions.", "description_and_impact": "The vulnerability is a missing authorization check in the update role endpoint of Brave CMS. Any authenticated user can post to the /rights/update-role/{id} route without the required middleware, allowing them to modify another user's role and promote themselves to Super Admin. This grants full administrative control over the system, compromising confidentiality, integrity, and availability.", "risk_and_exploitability": "With a CVSS score of 8.8, this vulnerability is considered high severity. No EPSS score is provided, and it is not listed in CISA\u2019s KEV catalog. The exploit requires only valid authentication on the site, making it likely that any insider or compromised user can abuse it. Once a user elevates to Super Admin, they gain unrestricted access to the CMS, making the risk significant and justifying urgent remediation."}}}}, "created": "2026-04-07T06:54:29.684986+00:00", "updated": "2026-04-07T09:37:32.167764+00:00", "vendors": ["ajax30", "ajax30$PRODUCT$bravecms-2.0"]}