
CVE

CVE-2026-34406

APTRS: Privilege Escalation via Mass Assignment of is_superuser in User Edit Endpoint

APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based automated reporting tool designed for penetration testers and security organizations. Prior to version 2.0.1, the edituser endpoint (POST /api/auth/edituser/<pk>) allows any user who can reach that endpoint and submit a crafted request to escalate their own account (or any other account) to superuser by including "is_superuser": true in the request body. The root cause is that CustomUserSerializer explicitly includes is_superuser in its fields list but omits it from read_only_fields, making it a writable field. The edituser view performs no additional validation to prevent non-superusers from modifying this field. Once is_superuser is set to true, the account gains unrestricted access to all application functionality without requiring re-authentication. This issue has been patched in version 2.0.1.
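The following is an added example, not APTRS code and not Django REST Framework itself: a small stand-in that mirrors the two ModelSerializer options named above (fields and read_only_fields) so the mass-assignment behaviour can be run offline. The User dataclass, MiniSerializer, the two serializer classes, the view functions and the crafted request body are all constructed for illustration; only the field name is_superuser and the fields/read_only_fields semantics come from the advisory.

```python
"""Mass assignment of is_superuser: the pattern behind CVE-2026-34406.

Added example, not APTRS code. MiniSerializer is a hypothetical stand-in
for a DRF ModelSerializer's deserialisation step, modelling only the two
options the advisory names: Meta.fields and Meta.read_only_fields.
"""
from dataclasses import dataclass

# Django's built-in privilege flags; the set itself is an assumption of this example.
PRIVILEGED_FIELDS = frozenset({"is_superuser", "is_staff"})


@dataclass
class User:
    """Constructed stand-in for the Django user model."""
    username: str
    email: str = ""
    is_superuser: bool = False


class PermissionDenied(Exception):
    """Raised when a low-privilege requester sends a privileged field."""


class MiniSerializer:
    """Every name in `fields` that is not in `read_only_fields` is writable:
    any matching key in the request body is copied onto the model."""
    fields: tuple = ()
    read_only_fields: tuple = ()

    @classmethod
    def writable_fields(cls):
        return [f for f in cls.fields if f not in cls.read_only_fields]

    @classmethod
    def update(cls, instance, data):
        for name in cls.writable_fields():
            if name in data:  # mass assignment: the request body decides
                setattr(instance, name, data[name])
        return instance


class VulnerableUserSerializer(MiniSerializer):
    # Pre-2.0.1 shape described in the advisory: is_superuser is listed in
    # fields but not in read_only_fields, so it is writable.
    fields = ("username", "email", "is_superuser")
    read_only_fields = ()


class FixedUserSerializer(MiniSerializer):
    # Hardened shape: the flag is still serialised for output but is never
    # accepted from the request body.
    fields = ("username", "email", "is_superuser")
    read_only_fields = ("is_superuser",)


def edit_user(serializer_cls, target, body):
    """Stand-in for an unguarded edituser view: whatever the serializer
    accepts is saved."""
    return serializer_cls.update(target, body)


def edit_user_guarded(serializer_cls, requester, target, body):
    """Defence in depth at the view layer: only a superuser may send
    privileged keys, whatever the serializer configuration is."""
    if not requester.is_superuser and PRIVILEGED_FIELDS & set(body):
        raise PermissionDenied("privileged field in request body")
    return serializer_cls.update(target, body)


def writable_privileged_fields(serializer_cls):
    """Regression check a project can keep in its test suite: the privileged
    fields this serializer would accept from a request body."""
    return sorted(PRIVILEGED_FIELDS & set(serializer_cls.writable_fields()))


# Constructed request body: the crafted payload the advisory describes.
CRAFTED_BODY = {"email": "attacker@example.com", "is_superuser": True}


def demo():
    """Run the crafted body through both serializers and return the
    resulting is_superuser flags as (vulnerable, fixed)."""
    vuln = edit_user(VulnerableUserSerializer, User("alice"), CRAFTED_BODY)
    fixed = edit_user(FixedUserSerializer, User("alice"), CRAFTED_BODY)
    return vuln.is_superuser, fixed.is_superuser


def self_escalation_blocked(serializer_cls):
    """True if the guarded view rejects a non-superuser escalating itself,
    even when the serializer alone would have allowed it."""
    alice = User("alice")
    try:
        edit_user_guarded(serializer_cls, alice, alice, CRAFTED_BODY)
    except PermissionDenied:
        return True
    return alice.is_superuser is False


if __name__ == "__main__":
    print("is_superuser after crafted body (vulnerable, fixed):", demo())
    print("writable privileged fields:", writable_privileged_fields(VulnerableUserSerializer))
```

Both layers matter: read_only_fields removes the field from deserialisation entirely, while the view-level check catches the same class of bug if a later serializer change reintroduces the field. The writable_privileged_fields check is the kind of unit test that would have flagged the pre-2.0.1 configuration before it shipped.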


CVSS

CVSS Version: 4.0
Severity: Critical
Base Score: 9.4
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X


References

https://github.com/APTRS/APTRS/commit/d1f1b3a5d1953082af8e075712ca29742e900d56
https://github.com/APTRS/APTRS/releases/tag/2.0.1
https://github.com/APTRS/APTRS/security/advisories/GHSA-gv25-wp4h-9c35
https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/34xxx/CVE-2026-34406.json
https://nvd.nist.gov/vuln/detail/CVE-2026-34406


Basic Information

EPSS Probability: 0.00096%
EPSS Percentile: 0.26594%
Fix Available: commit 50f1158d958a47d7891223169c8ae785debd9b1e
