CVE-2026-31836 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: March 20, 2026
Checkmate - Privilege Escalation
Overview
Checkmate <= 3.5.1 contains a mass assignment vulnerability in the user profile update endpoint, letting authenticated users escalate privileges to superadmin, bypassing role-based access controls.
Severity & Score
Impact
Authenticated users can gain full administrative access, including viewing users, modifying configurations, and accessing sensitive data.
Mitigation
Update to the latest version once a patch is available.
Social Media Activity(2 posts)
š CVE-2026-31836 - High (8.1) Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with beautiful visualizations. In versions from 3.5.1 and prior, a mass assignment vulnerability in Che... š https://www.thehackerwire.com/vulnerability/CVE-2026-31836/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-31836 - High (8.1) Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with beautiful visualizations. In versions from 3.5.1 and prior, a mass assignment vulnerability in Che... š https://www.thehackerwire.com/vulnerability/CVE-2026-31836/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-31836
- Severity
- High
- CVSS Score
- 8.1
- Type
- broken_access_control
- Status
- new
- EPSS
- 0.0%
- Social Posts
- 2
CWE
- CWE-269
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N