CVE-2026-31834

Umbraco Affected by Vertical Privilege Escalation via Missing Authorization Checks

Assigner: GitHub_M
Reserved: 09.03.2026 Published: 10.03.2026 Updated: 10.03.2026

Umbraco is an ASP.NET CMS. From 15.3.1 to before 16.5.1 and 17.2.2, A privilege escalation vulnerability has been identified in Umbraco CMS. Under certain conditions, authenticated backoffice users with permission to manage users, may be able to elevate their privileges due to insufficient authorization enforcement when modifying user group memberships. The affected functionality does not properly validate whether a user has sufficient privileges to assign highly privileged roles. This vulnerability is fixed in 16.5.1 and 17.2.2.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.2

Attack Vector	Network	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	High	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	umbraco
Product	Umbraco-CMS
Versions	Version >= 15.3.1, < 16.5.1 is affected Version >= 17.0.0, < 17.2.1 is affected

Vendor

umbraco

Product

Umbraco-CMS

Versions

Version >= 15.3.1, < 16.5.1 is affected
Version >= 17.0.0, < 17.2.1 is affected

References

Problem Types

CWE-269: Improper Privilege Management CWE
CWE-284: Improper Access Control CWE
CWE-862: Missing Authorization CWE

CVE-2026-31834 PUBLISHED

Umbraco Affected by Vertical Privilege Escalation via Missing Authorization Checks

Metrics

Product Status

References

Problem Types