NVD CRITICAL: CVE-2026-48904 — An improper access check allows privelege escalation through the com_users group...

Tuesday, May 26, 2026 at 05:16 PM UTC·Source: NIST NVD

Updated: Wednesday, May 27, 2026 at 08:01 AM UTC

Executive Summary

An improper access check allows privelege escalation through the com_users group editing webservice endpoint.

Analysis

An improper access check allows privelege escalation through the com_users group editing webservice endpoint. CVSS Score: 9.8. Published: 2026-05-26T17:16:55.203.

Indicators of Compromise (1)

CVE (1)

CVE-2026-48904

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 26, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

transfermate moves on stablecoins

TransferMate, the leading provider of embedded B2B payments, has selected BVNK as its stablecoin infrastructure partner in a new integration that will see TransferMate use BVNK to offer stablecoin capabilities across its global network for the first time.

Just nowFinextra

MEDIUMVulnerabilityNEW

Juspay joins Mastercard Engage network

Juspay, a leading global payments technology company, today announced that it has joined the Mastercard Engage partner network as a certified third-party partner for Mastercard Click to Pay.

31m agoFinextra

MEDIUMVulnerabilityNEW

Ripple brings RLUSD stablecoin to Turkey

Ripple, the leading provider of blockchain-based enterprise solutions across traditional and digital finance, today announced that its enterprise-grade, USD-backed stablecoin Ripple USD (RLUSD) is now available to institutions in Türkiye through three new partnerships with BiLira, Bitexen and Bitlo.

38m agoFinextra