PatchSiren cyber security CVE debrief
CVE-2026-5136 Red Hat CVE debrief
A flaw was found in Foreman's Usergroup model, which does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation leads to full privilege escalation, granting the attacker administrator-level access. The vulnerability affects Foreman and can be exploited by an authenticated user. The vulnerability has a high impact on the system.
- Vendor
- Red Hat
- Product
- Red Hat Satellite 6.16 for RHEL 8
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-01
- Original CVE updated
- 2026-07-09
- Advisory published
- 2026-07-01
- Advisory updated
- 2026-07-09
Who should care
Users of Foreman, particularly those with administrative roles or usergroup management permissions, should be aware of this vulnerability and take immediate action to mitigate the risk. System administrators and security teams should review the CVE record and NVD entry for more information. Affected users should apply vendor patches or updates as soon as possible. Users with usergroup management permissions should be cautious when assigning roles to user groups.
Technical summary
The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. An authenticated user with usergroup management permissions can attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. This leads to full privilege escalation. The vulnerability is caused by a lack of proper validation in the Usergroup model. The affected product is Foreman. The vulnerability has a high impact on confidentiality, integrity, and availability.
Defensive priority
High
Recommended defensive actions
- Review and restrict usergroup management permissions
- Monitor user group changes and role assignments
- Implement compensating controls to limit privilege escalation
- Apply vendor patches or updates
- Conduct inventory checks for affected systems
- Track exceptions and retest remediated assets
- Review relevant monitoring, detection, and logs for exposed assets
Evidence notes
The CVE record was published on 2026-07-01T14:16:47.277Z and was last modified on 2026-07-09T02:39:36.490Z. The NVD entry is currently Analyzed. This information is based on the NVD entry and the CVE record. The vulnerability affects Foreman's Usergroup model. The CVE record and NVD entry provide details on the vulnerability. Users should verify the affected versions and configurations. The evidence is limited to public sources and may not be comprehensive.
Official resources
-
CVE-2026-5136 CVE record
CVE.org
-
CVE-2026-5136 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
-
Mitigation or vendor reference
[email protected] - Issue Tracking, Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T14:16:47.277Z and has not been modified since then. The NVD entry is currently Analyzed.