CVE-2026-5781
Multiple vulnerabilities in MphRx's Minerva
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitation of this vulnerability could allow an authenticated user to obtain administrator privileges. It is not possible to escalate privileges through the graphical user interface.
| CWE | CWE-285 |
| Vendor | mphrx |
| Product | minerva |
| Published | Apr 28, 2026 |
| Last Updated | Apr 28, 2026 |
Stay Ahead of the Next One
Get instant alerts for mphrx minerva
Be the first to know when new unknown vulnerabilities affecting mphrx minerva are published β delivered to Slack, Telegram or Discord.
Get Free Alerts β
Free Β· No credit card Β· 60 sec setup
Affected Versions
MphRx / Minerva
3.6.0
References
Credits
Alejandro Rivera LeΓ³n