Privilege escalation in Fossbilling

CVE-2026-53645

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege…

Vulnerability class: Privilege Escalation

Affected products

Weakness classification (CWE)

References