CVE-2025-58052
Unknown Unknown - Not Provided
Privilege Escalation in Galette via Role-Based Access Bypass

Publication date: 2025-12-19

Last updated on: 2026-04-29

Assigner: GitHub, Inc.

Description
Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires privileged access initially, exploitation is restricted to malicious insiders or compromised group managers accounts. Version 1.2.0 fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-19
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-58052
EUVD
EUVD-2025-204570
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
galette galette 1.2.0
galette galette 0.9.6
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-58052 is an access control bypass vulnerability in the Galette membership management application affecting versions 0.9.6 up to but not including 1.2.0. It allows attackers with the group manager role to bypass intended restrictions and gain unauthorized access to member management functions, despite role-based access controls. Specifically, even when certain permissions are disabled, a group manager can exploit a flaw in authorization checks to create members via an unintended GET route. Exploitation requires initial privileged access, so the threat is limited to malicious insiders or compromised group manager accounts. [1]

Impact Analysis

This vulnerability can impact you by allowing a group manager with limited privileges to perform unauthorized actions such as creating members, which they should not be allowed to do. This could lead to unauthorized changes in membership data, potentially compromising the integrity and trustworthiness of your membership records. Since exploitation requires privileged access, the main risk comes from malicious insiders or compromised group manager accounts. [1]

Detection Guidance

Detection can focus on monitoring access to the GET route "addMember" in Galette versions 0.9.6 up to but not including 1.2.0, especially when the "Can group managers create members?" option is disabled and "Can members create child" is enabled. Network or application logs should be inspected for unauthorized access attempts to this route by users with the group manager role. Specific commands depend on your environment, but for example, using web server logs you can run commands like: grep 'GET /addMember' /var/log/apache2/access.log to find access attempts. Additionally, monitoring user roles and their actions within the application can help detect exploitation attempts. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade Galette to version 1.2.0 or later, where this access control bypass vulnerability is fixed. Until the upgrade can be performed, restrict or monitor group manager accounts closely, especially their access to member creation functions. Review and adjust the "Rights" settings to avoid configurations where "Can group managers create members?" is disabled but "Can members create child" is enabled, as this combination enables the bypass. Limit privileged access to trusted users to reduce risk from malicious insiders or compromised accounts. [1]

Compliance Impact

The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-58052. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart