Privilege escalation in Red Hat Satellite 6

CVE-2026-5136

A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary rol…

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-5136?
CVE-2026-5136 is a high-severity vulnerability in Red Hat Satellite 6, classified under Incorrect Privilege Assignment. CVSS score: 8.8/10. Published 2026-07-01.
How severe is CVE-2026-5136?
High severity. CVSS v3 base score is 8.8 out of 10.