wgportal CVE Vulnerabilities & CVE List (1)

Products (CPE): — CVEs: 1

wgportal vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to wgportal, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-27899 WireGuard Portal (or wg-portal) is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with `"IsAdmin": true` in the JSON body. After logging out and back in, the session picks up admin privileges from the database. When a user updates their own profile, the server parses the full JSON body into the user model, including the `Is [email protected] 8.8 0.31% 2026-02-25 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence