CVE-2026-27198
Published 2026-02-21
Priority: P2 (60) · Severity: high · CVSS 3.1 base score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.41% (33.3rd percentile)
Formwork is a flat file-based Content Management System (CMS). In versions 2.0.0 through 2.3.3, the application fails to properly enforce role-based authorization during account creation. Although the system validates that the specified role exists, it does not verify whether the current user has sufficient privileges to assign highly privileged roles such as admin. As a result, an authenticated user with the editor role can create a new account with administrative privileges, leading to full administrative access and complete compromise of the CMS. This issue has been fixed in version 2.3.4.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| formwork_project | formwork | >= 2.0.0 < 2.3.4 | 2.3.4 |
| getformwork | formwork | — | — |
| getformwork | formwork | >= 2.0.0 < 2.3.4 | 2.3.4 |
Detection & IOCs (extracted from sources)
- An authenticated user with the editor role attempting to create a new account with the 'admin' role should be flagged: monitor user account creation events in Formwork CMS for role assignments of 'admin' by non-admin users.
- Monitor Formwork CMS account creation API/endpoints for role parameter values of 'admin' submitted by sessions authenticated as 'editor'-role users.
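The missing check described above, and the detection rule in the IOC list, as an added example in Python (not Formwork's own code, which is PHP): the role ranking, function names, and the account-creation log format are assumptions made for illustration. The vulnerable creator only checks that the role exists; the fixed one also checks that the acting user is entitled to grant it, and the same predicate drives the log-based detector.

```python
# Assumed privilege ordering (not Formwork's): a user may assign only roles
# ranked at or below their own.
ROLE_RANK = {"user": 1, "editor": 2, "admin": 3}


def can_assign_role(actor_role: str, requested_role: str) -> bool:
    """The fixed check: the role must exist AND the actor must be allowed to
    grant it. The vulnerable code only tested existence."""
    if actor_role not in ROLE_RANK or requested_role not in ROLE_RANK:
        return False
    return ROLE_RANK[requested_role] <= ROLE_RANK[actor_role]


def create_user_vulnerable(actor_role: str, name: str, new_role: str) -> dict:
    """Mirrors the flaw: validates that the role exists, never who assigns it."""
    if new_role not in ROLE_RANK:
        raise ValueError("unknown role")
    return {"user": name, "role": new_role}


def create_user_fixed(actor_role: str, name: str, new_role: str) -> dict:
    """Hardened version: refuse to assign a role the actor cannot grant."""
    if new_role not in ROLE_RANK:
        raise ValueError("unknown role")
    if not can_assign_role(actor_role, new_role):
        raise PermissionError(f"{actor_role} may not assign role {new_role}")
    return {"user": name, "role": new_role}


# Constructed account-creation events in an assumed format:
# timestamp actor actor_role action new_user new_role
SAMPLE_LOG = """\
2026-02-20T10:01:00Z alice admin user_create bob editor
2026-02-20T10:05:12Z carol editor user_create dave admin
2026-02-20T10:07:30Z carol editor user_create erin user
"""


def flag_privilege_escalations(log_text: str) -> list:
    """Detection logic from the IOC list: flag account creations where the
    actor assigned a role they are not entitled to grant (e.g. editor -> admin)."""
    flagged = []
    for line in log_text.splitlines():
        ts, actor, actor_role, action, new_user, new_role = line.split()
        if action == "user_create" and not can_assign_role(actor_role, new_role):
            flagged.append({"ts": ts, "actor": actor, "actor_role": actor_role,
                            "new_user": new_user, "new_role": new_role})
    return flagged
```

Running the detector over the constructed log flags only the editor-created admin account; the admin-created editor and the editor-created user pass.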
CVSS provenance
- NVD (v3.1): 8.8 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CISA: 7.3 HIGH
GHSA
Formwork Improperly Managed Privileges in User creation
GHSA · 2026-02-19
CVE-2026-27198 [HIGH] CWE-269 Formwork Improperly Managed Privileges in User creation
### Summary
The application fails to properly enforce role-based authorization during account creation. Although the system validates that the specified role exists, it does not verify whether the current user has sufficient privileges to assign highly privileged roles such as admin. As a result, an authenticated user with the editor role can create a new account with administrative privileges, leading to full administrative access and complete compromise of the CMS.
### Impact
Successful exploitation allows an attacker to:
- Gain full administrative control over the CMS.
- Access all site data and user information.
- Modify system configuration and security settings.
- Create, modify, or delete any user account, including legitim
OSV
Formwork Improperly Managed Privileges in User creation
OSV · 2026-02-19
CVE-2026-27198 [HIGH] Formwork Improperly Managed Privileges in User creation
CISA
JetBrains TeamCity Relative Path Traversal Vulnerability
CISA · 2026-04-20 · CVSS 7.3
CVE-2024-27199 [HIGH] CWE-23 JetBrains TeamCity Relative Path Traversal Vulnerability
Vulnerability: JetBrains TeamCity Relative Path Traversal Vulnerability
Affected: JetBrains TeamCity
JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes: https://www.jetbrains.com/privacy-security/issues-fixed/ ; https://blog.jetbrains.com/teamcity/2024/03/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-27199
Remediation Due Date: 2026-05-04
No detection rules found.
No public exploits indexed.