← back
CVE-2026-50881

CVE-2026-50881

CVSS 8.1 HIGHEPSS 0.2%CWE-284
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.1EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
15 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator and execute unauthorized account, password, and configuration changes.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected products
n/a · n/a