CVE-2026-31834
Received Received - Intake

Privilege Escalation in Umbraco CMS via User Group Misauthorization

Vulnerability report for CVE-2026-31834, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-10

Last updated on: 2026-03-18

Assigner: GitHub, Inc.

Description

Umbraco is an ASP.NET CMS. From 15.3.1 to before 16.5.1 and 17.2.2, A privilege escalation vulnerability has been identified in Umbraco CMS. Under certain conditions, authenticated backoffice users with permission to manage users, may be able to elevate their privileges due to insufficient authorization enforcement when modifying user group memberships. The affected functionality does not properly validate whether a user has sufficient privileges to assign highly privileged roles. This vulnerability is fixed in 16.5.1 and 17.2.2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-10
Last Modified
2026-03-18
Generated
2026-07-06
AI Q&A
2026-03-11
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
umbraco umbraco_cms From 15.3.1 (inc) to 16.5.1 (exc)
umbraco umbraco_cms From 17.0.0 (inc) to 17.2.2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, you should upgrade Umbraco CMS to version 16.5.1 or 17.2.2, where the privilege escalation issue has been fixed.

Additionally, review and restrict permissions for authenticated backoffice users who have the ability to manage users, ensuring they do not have unnecessary privileges to assign highly privileged roles.

Detection Guidance

I don't know

Executive Summary

This vulnerability is a privilege escalation issue in Umbraco CMS versions from 15.3.1 to before 16.5.1 and 17.2.2. Authenticated backoffice users who have permission to manage users may be able to increase their privileges improperly. This happens because the system does not sufficiently enforce authorization checks when these users modify user group memberships, allowing them to assign highly privileged roles without proper validation.

Impact Analysis

The impact of this vulnerability is that an authenticated user with some administrative permissions could escalate their privileges to gain higher-level access than intended. This could lead to unauthorized access to sensitive data, modification of critical settings, or further compromise of the system's integrity, confidentiality, and availability.

Compliance Impact

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31834. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart