CVE Catalog

CVE-2026-57953

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

17th percentile — higher than 17% of all known CVEs

Summary

A vulnerability in Mythic before version 3.4.0.60 allows authenticated spectator-role users to bypass authorization and perform unauthorized write operations. Attackers can exploit the misconfigured eventing_import_automatic_webhook endpoint to create and delete automation workflows.

Risk Assessment

The organization is at risk of unauthorized modifications to operation automation configuration and EventGroups, potentially leading to system disruptions and loss of control over automation processes.

Recommendation

Immediately upgrade Mythic to version 3.4.0.60 or later, which includes a fix for this vulnerability. Additionally, review and tighten access controls for spectator role endpoints.

Original NVD description (English source)

Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventing_import_automatic_webhook endpoint registered under spectator-permitted middleware. Attackers with spectator role can exploit this misconfigured access control to create and delete automation workflows, making unauthorized modifications to operation automation configuration and EventGroups.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS