CVE-2026-8426
Description
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepare_remote_upgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade() method to execute in a single browser navigation. This results in remote code execution as the web server user. In order to be vulnerable, the victim must be passing canInstallPackages, victim site must be connected to the Concrete marketplace; and the attacker controls the package returned for a marketplace item ID already installed on the victim site. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 7.5 with vector CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N. Thanks https://github.com/maru1009 for reporting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Concrete CMS 9.5.0 and below lacks CSRF token validation in a remote upgrade endpoint, allowing an attacker controlling a marketplace package to overwrite PHP files and execute arbitrary code if the victim clicks a crafted link.
Root
Cause
The vulnerability resides in the /dashboard/extend/update/prepare_remote_upgrade/ endpoint of Concrete CMS. Concrete CMS 9.5.0 and below fails to validate a Cross-Site Request Forgery (CSRF) token before processing requests to this endpoint [CVE-2026-8426 description]. This means an attacker can forge a request on behalf of an authenticated administrator without their consent.
Attack
Prerequisites and Vector
To exploit this, three conditions must be met: the victim administrator must be logged in and have the canInstallPackages permission; the victim site must be connected to the Concrete CMS marketplace; and the attacker must control the package that is returned when the marketplace item ID (already installed on the victim site) is requested. If an attacker satisfies these prerequisites, they can craft a malicious link that, when clicked by the victim, triggers the upgrade process with a tampered package. The attack requires user interaction (the victim clicks the link) and high attacker preparation, reflected in the CVSS v4.0 vector (AV:N/AC:H/AT:P/PR:N/UI:A) [CVE-2026-8426 description].
Impact
By controlling the returned package, the attacker can overwrite PHP files on the server disk. When the package's upgrade() method is executed during the subsequent navigation, arbitrary PHP code runs as the web server user, leading to remote code execution (RCE) [CVE-2026-8426 description]. The CVSS v4.0 score of 7.5 (High) reflects the potential for complete compromise of confidentiality, integrity, and availability.
Mitigation
The vulnerability is fixed in Concrete CMS version 9.5.1 [1]. Users should update immediately. The 9.5.1 release notes also mention detecting Composer-installed sites to disallow direct in-app updates, which mitigates the attack surface for those deployments [1]. No workarounds are documented; users on versions prior to 9.5.0 should upgrade as these are also affected.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=9.5.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
36- Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflowMicrosoft Security Blog · May 20, 2026
- AI is drowning software maintainers in junk security reportsHelp Net Security · May 18, 2026
- AI is distorting the Holocaust (Lock and Code S07E10)Malwarebytes Labs · May 18, 2026
- Raising the bar: Quality, shared responsibility, and the future of GitHub’s bug bounty programGitHub Security Lab · May 15, 2026
- Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student dataThe Register Security · May 14, 2026
- The Convergence of Cloud Secrets & AI RiskSentinelOne Labs · May 13, 2026
- Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’SecurityWeek · May 13, 2026
- UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security FirmsInfosecurity Magazine · May 13, 2026
- [GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)SANS Internet Storm Center · May 13, 2026
- Accelerating detection engineering using AI-assisted synthetic attack logs generationMicrosoft Security Blog · May 12, 2026
- Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmarkMicrosoft Security Blog · May 12, 2026
- State-sponsored actors, better known as the friends you don’t wantCisco Talos Intelligence · May 12, 2026
- The AI-vs-AI battle is already happening. Watch it live at EXPOSURE 2026.Tenable Blog · May 7, 2026
- The EOL Blind Spot in Your CVE Feed: What SCA Tools MissBleepingComputer · May 5, 2026
- The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.BleepingComputer · May 5, 2026
- The Back Door Attackers Know About — and Most Security Teams Still Haven’t ClosedThe Hacker News · May 5, 2026
- Google now offers up to $1.5 million for some Android exploitsBleepingComputer · May 5, 2026
- Your work apps are quietly handing 19 data points to someoneHelp Net Security · May 4, 2026
- Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI SurgeSecurityWeek · May 1, 2026
- Top Five Sales Challenges Costing MSPs Cybersecurity RevenueThe Hacker News · May 1, 2026
- Claude Mythos Fears Startle Japan's Financial Services SectorDark Reading · Apr 30, 2026
- US Busts Myanmar Ring Targeting US Citizens in Financial FraudDark Reading · Apr 24, 2026
- Trailmark turns code into graphsTrail of Bits · Apr 23, 2026
- UK Commits £90m for Cybersecurity and Pushes for ‘Resilience Pledge’Infosecurity Magazine · Apr 22, 2026
- Orchestrating AI Code Review at scaleCloudflare Blog · Apr 20, 2026
- Unweight: how we compressed an LLM 22% without sacrificing qualityCloudflare Blog · Apr 17, 2026
- Agents that remember: introducing Agent MemoryCloudflare Blog · Apr 17, 2026
- The n8n n8mare: How threat actors are misusing AI workflow automationCisco Talos Intelligence · Apr 15, 2026
- How exposed is your code? Find out in minutes—for freeGitHub Security Lab · Apr 14, 2026
- Mutation testing for the agentic eraTrail of Bits · Apr 1, 2026
- How we made Trail of Bits AI-native (so far)Trail of Bits · Mar 31, 2026
- TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical ThreatsTrend Micro Research · Mar 31, 2026
- A year of open source vulnerability trends: CVEs, advisories, and malwareGitHub Security Lab · Mar 26, 2026
- EDR killers explained: Beyond the driversESET WeLiveSecurity · Mar 19, 2026
- France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025Infosecurity Magazine · Mar 11, 2026
- How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered frameworkGitHub Security Lab · Mar 6, 2026