{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5529", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-04T06:26:51.702Z", "datePublished": "2026-04-05T00:15:13.302Z", "dateUpdated": "2026-04-06T19:11:19.646Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-05T00:15:13.302Z"}, "title": "Dromara lamp-cloud DefUserController pageUser improper authorization", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-285", "lang": "en", "description": "Improper Authorization"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-266", "lang": "en", "description": "Incorrect Privilege Assignment"}]}], "affected": [{"vendor": "Dromara", "product": "lamp-cloud", "versions": [{"version": "5.8.0", "status": "affected"}, {"version": "5.8.1", "status": "affected"}], "modules": ["DefUserController"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-04T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-04T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-04T08:32:07.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "aibot88 (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355282", "name": "VDB-355282 | Dromara lamp-cloud DefUserController pageUser improper authorization", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355282/cti", "name": "VDB-355282 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/782103", "name": "Submit #782103 | Dromara lamp-cloud 5.8.1 Broken object property level authorization", "tags": ["third-party-advisory"]}, {"url": "https://github.com/dromara/lamp-cloud/issues/403", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/dromara/lamp-cloud/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T19:11:09.815617Z", "id": "CVE-2026-5529", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T19:11:19.646Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5529", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T19:11:09.815617Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T19:11:16.040Z"}}], "cna": {"title": "Dromara lamp-cloud DefUserController pageUser improper authorization", "credits": [{"lang": "en", "type": "reporter", "value": "aibot88 (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "Dromara", "modules": ["DefUserController"], "product": "lamp-cloud", "versions": [{"status": "affected", "version": "5.8.0"}, {"status": "affected", "version": "5.8.1"}]}], "timeline": [{"lang": "en", "time": "2026-04-04T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-04T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-04T08:32:07.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/355282", "name": "VDB-355282 | Dromara lamp-cloud DefUserController pageUser improper authorization", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355282/cti", "name": "VDB-355282 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/782103", "name": "Submit #782103 | Dromara lamp-cloud 5.8.1 Broken object property level authorization", "tags": ["third-party-advisory"]}, {"url": "https://github.com/dromara/lamp-cloud/issues/403", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/dromara/lamp-cloud/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "Improper Authorization"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-266", "description": "Incorrect Privilege Assignment"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-05T00:15:13.302Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5529", "state": "PUBLISHED", "dateUpdated": "2026-04-06T19:11:19.646Z", "dateReserved": "2026-04-04T06:26:51.702Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-05T00:15:13.302Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "id": "CVE-2026-5529", "lastModified": "2026-04-07T13:20:55.200", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-05T01:16:47.450", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/dromara/lamp-cloud/"}, {"source": "cna@vuldb.com", "url": "https://github.com/dromara/lamp-cloud/issues/403"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/782103"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355282"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355282/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}, {"lang": "en", "value": "CWE-285"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "5.8.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "5.8.1"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "lamp-cloud", "source": "cna", "vendor": "Dromara"}, "product": "lamp-cloud", "vendor": "dromara"}], "analysis": {"en": {"generated_at": "2026-04-05T03:20:48.264588+00:00", "value": {"mitigation_remediation": ["Check for and install the latest version of Dromara lamp-cloud that contains the authorization fix", "Restrict network access to the DefUserController endpoint to trusted users only", "Implement application\u2011level access controls or a web\u2011application firewall to block unauthorized requests", "Monitor logs for suspicious access patterns to the pageUser endpoint"], "summary": {"action": "Apply Patch", "impact": "Unauthorized Access"}, "threat_synthesis": {"affected_systems": "The issue affects installations of Dromara lamp\u2011cloud at or below 5.8.1. Vendor: Dromara; product lamp\u2011cloud. No other affected versions have been reported.", "description_and_impact": "A defect in Dromara lamp\u2011cloud up to version 5.8.1 allows manipulation of the pageUser function within the DefUserController to bypass authentication checks. This exposes user data and potentially other privileged information to anyone able to send the crafted request. The flaw is an example of improper authorization consistent with CWE\u2011266 and CWE\u2011285.", "risk_and_exploitability": "The CVSS base score of 5.3 indicates moderate severity. The exploit is publicly available and can be launched from a remote location; however, the EPSS score is unavailable and the vulnerability is not in the CISA KEV list. Attackers with network access to the application can manipulate the request to gain unauthorized access, so the risk is moderate to high depending on exposure."}}}}, "created": "2026-04-06T20:26:50.788180+00:00", "updated": "2026-04-06T21:57:26.029508+00:00", "vendors": ["dromara", "dromara$PRODUCT$lamp-cloud"]}