Platform: php
Component: admidio/admidio
Fixed in: 5.0.1, 5.0.8
CVE-2026-34382 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in the admidio/admidio component. The flaw allows an attacker to make an authenticated user's browser silently delete list configurations within admidio, posing a significant risk to users with administrative privileges. The vulnerability affects versions of admidio up to and including v5.0.7, and a fix is available in version 5.0.8.
The primary impact of CVE-2026-34382 is the unauthorized deletion of admidio list configurations. An attacker can craft a malicious page that, when visited by an authenticated admidio user, causes that user's browser to submit the deletion request with the user's own session. This is particularly concerning for users with administrator rights, who can inadvertently delete organization-wide shared lists, disrupting workflows and potentially causing data loss. The attack relies on social engineering to lure the victim to the malicious page, so user awareness is a crucial factor in mitigating the risk. The scope of the impact depends on the permissions of the victim user; an administrator's actions could affect a much larger group.
CVE-2026-34382 was publicly disclosed on 2026-03-31. No known public proof-of-concept (POC) exploits are currently available, but the CSRF nature of the vulnerability makes it relatively straightforward to exploit. The vulnerability is not currently listed on the CISA KEV catalog. Given the ease of exploitation and the potential impact, organizations should prioritize patching.
Exploit Status
EPSS: 0.02% (5th percentile)
The recommended mitigation for CVE-2026-34382 is to immediately upgrade admidio to version 5.0.8 or later, which includes the necessary fix. If upgrading is not immediately feasible, consider temporary workarounds. Generic WAF rules offer limited protection against CSRF, because the forged request is issued by the victim's own authenticated browser after user interaction and carries valid session cookies. Review admidio's configuration to ensure the principle of least privilege is enforced, limiting the potential impact of a compromised administrator account. Monitor admidio logs for suspicious deletion activity. After upgrading, confirm the fix by attempting to trigger a list deletion via a crafted CSRF request and verifying that the action is blocked.
Update Admidio to version 5.0.8 or higher. This version fixes the Cross-Site Request Forgery (CSRF) vulnerability in custom list deletion and prevents an attacker from exploiting it to delete list configurations without authorization.
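The fix described above boils down to refusing state-changing requests that do not carry proof they came from the application's own pages. The following is an added illustration, not Admidio's own code: a hypothetical "delete list" handler protected by a synchronizer token and an Origin/Referer check, run as a CLI simulation with constructed requests. The function names (issueCsrfToken, isValidCsrfToken, isSameOrigin, handleDeleteList), the origin https://admidio.example and the in-memory $session array are all assumptions made for the example.

```php
<?php
// Added example, not Admidio code: a minimal synchronizer-token CSRF check
// for a state-changing "delete list" action, simulated on the command line.
// All names and the expected origin are hypothetical.

declare(strict_types=1);

// Issue a per-session token and keep it server-side (assumed session store).
function issueCsrfToken(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Verify that the submitted token matches the session token.
// hash_equals() gives a constant-time comparison.
function isValidCsrfToken(array $session, ?string $submitted): bool
{
    if (empty($session['csrf_token']) || $submitted === null) {
        return false;
    }
    return hash_equals($session['csrf_token'], $submitted);
}

// Defense in depth: a browser-sent Origin (or, failing that, Referer) that
// does not match the site's own origin marks a cross-site request.
function isSameOrigin(array $headers, string $expectedOrigin): bool
{
    $origin = $headers['Origin'] ?? null;
    if ($origin === null) {
        $referer = $headers['Referer'] ?? null;
        if ($referer === null) {
            return false; // neither header present: treat as untrusted
        }
        $parts = parse_url($referer);
        $origin = ($parts['scheme'] ?? '') . '://' . ($parts['host'] ?? '');
    }
    return $origin === $expectedOrigin;
}

// Handler for the state-changing action. Returns a status string instead
// of touching a database, so the checks can be exercised offline.
function handleDeleteList(string $method, array $session, array $post, array $headers): string
{
    if ($method !== 'POST') {
        return 'rejected: method not allowed';
    }
    if (!isSameOrigin($headers, 'https://admidio.example')) {
        return 'rejected: cross-origin request';
    }
    if (!isValidCsrfToken($session, $post['csrf_token'] ?? null)) {
        return 'rejected: missing or invalid CSRF token';
    }
    $listId = (int) ($post['list_id'] ?? 0);
    return "deleted list $listId";
}

// --- simulation with constructed requests ---
$session = ['user_id' => 42];          // constructed logged-in session
$token   = issueCsrfToken($session);
$ownSite = ['Origin' => 'https://admidio.example'];

// Legitimate request: same origin and carries the session's token.
echo handleDeleteList('POST', $session, ['list_id' => 7, 'csrf_token' => $token], $ownSite), PHP_EOL;

// Request submitted from a foreign page: the browser would still attach the
// session cookie, but the page cannot read the token and Origin gives it away.
echo handleDeleteList('POST', $session, ['list_id' => 7], ['Origin' => 'https://other.example']), PHP_EOL;

// Same-origin request without a token (e.g. a stale form): still rejected.
echo handleDeleteList('POST', $session, ['list_id' => 7], $ownSite), PHP_EOL;
```

Running the script prints one accepted deletion followed by two rejections. The second case is exactly the post-upgrade check the advisory asks for: a request that looks like the victim's own session but lacks the token must be refused. Marking the session cookie SameSite=Lax (or Strict) adds a further layer, since the browser then withholds the cookie on cross-site POSTs, but the server-side token check should not depend on it.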
CVE-2026-34382 is a Cross-Site Request Forgery (CSRF) vulnerability in admidio/admidio versions up to v5.0.7 that allows attackers to delete list configurations without authorization.
You are affected if you are using admidio/admidio version 5.0.7 or earlier. Upgrade to 5.0.8 or later to mitigate the risk.
Upgrade admidio/admidio to version 5.0.8 or later. If an immediate upgrade is not possible, implement temporary workarounds such as restricting administrator access.
While no public exploits are currently known, the CSRF nature of the vulnerability suggests a potential for exploitation. Proactive patching is recommended.
Refer to the admidio project's official website or GitHub repository for the latest security advisories and release notes.