Platform: php
Component: lamp-cloud
Fixed in: 5.8.1, 5.8.2
CVE-2026-5529 is a vulnerability affecting Dromara lamp-cloud versions 5.8.0 through 5.8.1. This improper authorization flaw allows remote attackers to bypass access controls and potentially gain unauthorized access to resources. The vulnerability resides within the pageUser function of the DefUserController component. While the project was notified, a fix is currently unavailable.
Successful exploitation of CVE-2026-5529 allows an attacker to bypass authorization checks within the pageUser function. This could lead to unauthorized access to sensitive data or functionalities within the lamp-cloud application. The ability to initiate the attack remotely significantly broadens the potential attack surface. Given the public availability of an exploit, the risk of exploitation is elevated, potentially leading to data breaches, privilege escalation, or disruption of services. The lack of a response from the project increases the urgency of addressing this vulnerability.
CVE-2026-5529 is publicly exploitable, with a proof-of-concept readily available. This significantly increases the likelihood of exploitation in the wild. The vulnerability was disclosed on 2026-04-05. The EPSS score is likely to be medium, reflecting the public exploit and potential impact. It is currently not listed on the CISA KEV catalog.
EPSS: 0.01% (1% percentile)
Due to the absence of a patch, immediate mitigation strategies are crucial. The primary approach is to restrict access to the vulnerable /defUser/pageUser endpoint. This can be achieved through firewall rules, network segmentation, or access control lists (ACLs). Consider implementing a Web Application Firewall (WAF) with rules to block suspicious requests targeting this endpoint. Monitoring access logs for unusual activity related to this endpoint is also recommended. While not a complete solution, these measures can significantly reduce the risk of exploitation until a fix is released.
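One way to do the access-log monitoring described above, as an added example (not code from the lamp-cloud project or from this advisory): it scans Combined Log Format lines for requests whose normalised path ends in /defUser/pageUser and reports those arriving from outside an allowlisted management network. The allowlist range, the /api prefix and the sample log lines are constructed assumptions.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Assumption: only this management network should ever call the endpoint.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]
ENDPOINT = "/defuser/pageuser"  # endpoint named in the advisory, lower-cased

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation address ranges, hypothetical /api prefix).
SAMPLE_LOG = [
    '10.20.0.5 - admin [05/Apr/2026:10:01:12 +0000] "POST /api/defUser/pageUser HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.44 - - [05/Apr/2026:10:03:40 +0000] "POST /api/defUser/pageUser HTTP/1.1" 200 48211 "-" "curl/8.5.0"',
    '198.51.100.7 - - [05/Apr/2026:10:04:02 +0000] "POST /api/defUser/pageUser/?size=10000 HTTP/1.1" 403 162 "-" "-"',
    '203.0.113.44 - - [05/Apr/2026:10:05:00 +0000] "GET /api/defUser/detail?id=1 HTTP/1.1" 200 300 "-" "-"',
]

def normalized_path(target):
    """Drop the query, decode, and canonicalise so path variants compare equal."""
    path = unquote(urlsplit(target).path)
    return posixpath.normpath("/" + path.lstrip("/")).lower()

def flag_requests(lines):
    """Return (ip, timestamp, status) for endpoint hits from outside ALLOWED_NETS."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        # Suffix match: the gateway prefix in front of the route is deployment-specific.
        if not m or not normalized_path(m["target"]).endswith(ENDPOINT):
            continue
        try:
            src = ipaddress.ip_address(m["ip"])
            allowed = any(src in net for net in ALLOWED_NETS)
        except ValueError:
            allowed = False  # hostname or junk in the client field: surface it for review
        if not allowed:
            findings.append((m["ip"], m["ts"], int(m["status"])))
    return findings

if __name__ == "__main__":
    for finding in flag_requests(SAMPLE_LOG):
        print(finding)
```

A 200 response to a non-allowlisted source is the case to triage first; a 403 shows the access restriction is doing its job.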
Update lamp-cloud to a patched version. The Dromara project has been notified of the problem, but has not yet provided a solution. Consult the reference sources for more information and possible workarounds.
CVE-2026-5529 is a medium-severity vulnerability in lamp-cloud versions 5.8.0–5.8.1 that allows remote attackers to bypass authorization checks and gain unauthorized access.
Yes, if you are running lamp-cloud versions 5.8.0 or 5.8.1, you are affected by this vulnerability. Upgrade is recommended when available.
A patch is not currently available. Mitigation involves restricting access to the /defUser/pageUser endpoint using firewall rules or a WAF.
Yes, a public exploit exists, increasing the likelihood of active exploitation.
Check the Dromara lamp-cloud project's GitHub repository and website for updates and advisories regarding CVE-2026-5529.