CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-33549

SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment (of administrator privileges) during the editing of an author data structure because of STATUT mishandling.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.2%

CVSS Severity

CVSS v3 Score 6.7

References

https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-4-13.html?lang=fr
https://git.spip.net/spip/prive/-/commit/b8481a7feb00f301f0ff7d5ce2aad8a772d92c2e
https://git.spip.net/spip/prive/-/merge_requests/131

Products affected by CVE-2026-33549

Spip » Spip » Version: Any

cpe:2.3:a:spip:spip:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33549

Products

Pricing

Contact Us