CVSS 7.1 HIGH Vulnerability

CVE-2026-48507: Snipe-IT: Bulk editing users allowed `ldap_import` and `activated_in` bulk editing users

CVSS Score: 7.1
Severity: HIGH
CISA KEV: NO
Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-48507
Vendor: composer
Affected Product: snipe/snipe-it
Vulnerability Type: Vulnerability
CVSS Score: 7.1 (HIGH)
Actively Exploited: ❌ No known exploitation
Patch Status: See Vendor Advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

Impact

The vulnerability allows a non-admin user holding only the granular `users.edit` permission to lock every admin out of the instance by editing the `activated` flag (which determines whether or not a user can log in) and the `ldap_import` flag, which determines whether or not the user can request a password reset.

Patches

Patched in https://github.com/grokability/snipe-it/commit/403f9c848b05274642f64450696bdcdc242a352a

🎯 Known Indicators of Compromise

{"type":"sha1","value":"403f9c848b05274642f64450696bdcdc242a352a","confidence_score":0.9,"first_seen":"2026-06-23","source_count":1}
{"type":"url","value":"https://github.com/grokability/snipe-it/commit/403f9c848b05274642f64450696bdcdc242a352a","confidence_score":0.82,"first_seen":"2026-06-23","source_count":1}
