How to fix CVE-2026-27198?

Within 24 hours: Audit account creation logs and review all recently created user accounts for unauthorized privilege grants. Within 7 days: Apply the available vendor patch to all Formwork instances running versions 2.0.0-2.3.3. Within 30 days: Conduct security review of user roles and permissions across all patched systems and reset credentials for any suspicious accounts created during the vulnerability window.

Is Formwork affected by CVE-2026-27198?

Formwork CMS versions 2.0.0-2.3.3 contain a critical authorization bypass vulnerability that could allow unauthorized users to create accounts with elevated privileges, potentially compromising content integrity and system access.

CVE-2026-27198

HIGH

2026-02-21 [email protected]

GHSA-34p4-7w83-35g2

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:04 vuln.today

Patch Released

Mar 03, 2026 - 17:33 nvd

Patch available

CVE Published

Feb 21, 2026 - 06:17 nvd

HIGH 8.8

Description

Formwork is a flat file-based Content Management System (CMS). In versions 2.0.0 through 2.3.3, the application fails to properly enforce role-based authorization during account creation. Although the system validates that the specified role exists, it does not verify whether the current user has sufficient privileges to assign highly privileged roles such as admin. As a result, an authenticated user with the editor role can create a new account with administrative privileges, leading to full administrative access and complete compromise of the CMS. This issue has been fixed in version 2.3.4.

Analysis

Formwork CMS versions 2.0.0 through 2.3.3 fail to validate user privileges during account creation, allowing authenticated editors to create admin accounts and gain full CMS control. An attacker with editor-level access can exploit this authorization bypass to escalate privileges without restriction, completely compromising the application. …

Remediation

Within 24 hours: Audit account creation logs and review all recently created user accounts for unauthorized privilege grants. Within 7 days: Apply the available vendor patch to all Formwork instances running versions 2.0.0-2.3.3. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +44

POC: 0

CVE-2026-27198 vulnerability details – vuln.today

Back

CVE-2026-27198

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-27198

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code