The SentinelOne Annual Threat Report - A Defenders Guide from the FrontlinesThe SentinelOne Annual Threat ReportGet the Report
Experiencing a Breach?Blog
Get StartedContact Us
SentinelOne
  • Platform
    Platform Overview
    • Singularity Platform
      Welcome to Integrated Enterprise Security
    • AI for Security
      Leading the Way in AI-Powered Security Solutions
    • Securing AI
      Accelerate AI Adoption with Secure AI Tools, Apps, and Agents.
    • How It Works
      The Singularity XDR Difference
    • Singularity Marketplace
      One-Click Integrations to Unlock the Power of XDR
    • Pricing & Packaging
      Comparisons and Guidance at a Glance
    Data & AI
    • Purple AI
      Accelerate SecOps with Generative AI
    • Singularity Hyperautomation
      Easily Automate Security Processes
    • AI-SIEM
      The AI SIEM for the Autonomous SOC
    • AI Data Pipelines
      Security Data Pipeline for AI SIEM and Data Optimization
    • Singularity Data Lake
      AI-Powered, Unified Data Lake
    • Singularity Data Lake for Log Analytics
      Seamlessly Ingest Data from On-Prem, Cloud or Hybrid Environments
    Endpoint Security
    • Singularity Endpoint
      Autonomous Prevention, Detection, and Response
    • Singularity XDR
      Native & Open Protection, Detection, and Response
    • Singularity RemoteOps Forensics
      Orchestrate Forensics at Scale
    • Singularity Threat Intelligence
      Comprehensive Adversary Intelligence
    • Singularity Vulnerability Management
      Application & OS Vulnerability Management
    • Singularity Identity
      Identity Threat Detection and Response
    Cloud Security
    • Singularity Cloud Security
      Block Attacks with an AI-Powered CNAPP
    • Singularity Cloud Native Security
      Secure Cloud and Development Resources
    • Singularity Cloud Workload Security
      Real-Time Cloud Workload Protection Platform
    • Singularity Cloud Data Security
      AI-Powered Threat Detection for Cloud Storage
    • Singularity Cloud Security Posture Management
      Detect and Remediate Cloud Misconfigurations
    Securing AI
    • Prompt Security
      Secure AI Tools Across Your Enterprise
  • Why SentinelOne?
    Why SentinelOne?
    • Why SentinelOne?
      Cybersecurity Built for What’s Next
    • Our Customers
      Trusted by the World’s Leading Enterprises
    • Industry Recognition
      Tested and Proven by the Experts
    • About Us
      The Industry Leader in Autonomous Cybersecurity
    Compare SentinelOne
    • Arctic Wolf
    • Broadcom
    • CrowdStrike
    • Cybereason
    • Microsoft
    • Palo Alto Networks
    • Sophos
    • Splunk
    • Trellix
    • Trend Micro
    • Wiz
    Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
    • State and Local Government
  • Services
    Managed Services
    • Managed Services Overview
      Wayfinder Threat Detection & Response
    • Threat Hunting
      World-Class Expertise and Threat Intelligence
    • Managed Detection & Response
      24/7/365 Expert MDR Across Your Entire Environment
    • Incident Readiness & Response
      DFIR, Breach Readiness, & Compromise Assessments
    Support, Deployment, & Health
    • Technical Account Management
      Customer Success with Personalized Service
    • SentinelOne GO
      Guided Onboarding & Deployment Advisory
    • SentinelOne University
      Live and On-Demand Training
    • Services Overview
      Comprehensive Solutions for Seamless Security Operations
    • SentinelOne Community
      Community Login
  • Partners
    Our Network
    • MSSP Partners
      Succeed Faster with SentinelOne
    • Singularity Marketplace
      Extend the Power of S1 Technology
    • Cyber Risk Partners
      Enlist Pro Response and Advisory Teams
    • Technology Alliances
      Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS
      Hosted in AWS Regions Around the World
    • Channel Partners
      Deliver the Right Solutions, Together
    • SentinelOne for Google Cloud
      Unified, Autonomous Security Giving Defenders the Advantage at Global Scale
    • Partner Locator
      Your Go-to Source for Our Top Partners in Your Region
    Partner Portal→
  • Resources
    Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • Whitepapers
    • Events
    View All Resources→
    Blog
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog→
    Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
  • About
    About SentinelOne
    • About SentinelOne
      The Industry Leader in Cybersecurity
    • Investor Relations
      Financial Information & Events
    • SentinelLABS
      Threat Research for the Modern Threat Hunter
    • Careers
      The Latest Job Opportunities
    • Press & News
      Company Announcements
    • Cybersecurity Blog
      The Latest Cybersecurity Threats, News, & More
    • FAQ
      Get Answers to Our Most Frequently Asked Questions
    • DataSet
      The Live Data Platform
    • S Foundation
      Securing a Safer Future for All
    • S Ventures
      Investing in the Next Generation of Security, Data and AI
  • Pricing
Get StartedContact Us
CVE Vulnerability Database
Vulnerability Database/CVE-2026-41659

CVE-2026-41659: Admidio Information Disclosure Vulnerability

CVE-2026-41659 is an information disclosure flaw in Admidio that exposes hidden profile fields through search queries. Role leaders can infer private user data despite visibility restrictions. This article covers technical details, affected versions, impact, and mitigation steps.

Published: May 7, 2026

CVE-2026-41659 Overview

CVE-2026-41659 is an information disclosure vulnerability in Admidio, an open-source user management solution. The flaw exists in the member assignment DataTables endpoint (members_assignment_data.php) prior to version 5.0.9. The endpoint includes hidden profile fields such as BIRTHDAY, STREET, CITY, POSTCODE, and COUNTRY in its SQL search condition regardless of field visibility settings. A role leader with assign-only permissions can infer hidden personally identifiable information (PII) by observing which users appear in search results for specific values. The issue is patched in Admidio version 5.0.9.

Critical Impact

A role leader with assign-only permissions can enumerate hidden PII values, including birthdays and addresses, by observing search result membership.

Affected Products

  • Admidio open-source user management solution
  • Versions prior to 5.0.9
  • Deployments exposing the members_assignment_data.php endpoint

Discovery Timeline

  • 2026-05-07 - CVE CVE-2026-41659 published to NVD
  • 2026-05-07 - Last updated in NVD database

Technical Details for CVE-2026-41659

Vulnerability Analysis

The vulnerability resides in the member assignment DataTables endpoint members_assignment_data.php. The endpoint applies search conditions at the SQL layer across all profile fields, including those marked as hidden. JSON output filters hidden columns through isVisible() checks before returning data to the client. This filtering occurs after the database has already evaluated the search predicate.

The mismatch between SQL-layer search and presentation-layer visibility creates an oracle. A role leader can submit search terms targeting hidden fields and observe whether matching users appear in the result set. By iterating through candidate values, the attacker reconstructs hidden PII without ever directly reading the field. The flaw is classified under CWE-200: Exposure of Sensitive Information to an Unauthorized Actor.

Exploitation requires authenticated access with role leader and assign-only permissions, limiting the attack surface to users already trusted within the application.

Root Cause

The root cause is inconsistent enforcement of field visibility between the SQL query and the JSON serializer. Visibility checks should apply to the search predicate construction, not only to output rendering. Hidden fields remain queryable, exposing their contents through inference rather than direct disclosure.

Attack Vector

An authenticated role leader sends search requests to members_assignment_data.php with values targeting hidden profile fields. The server matches these values against the hidden columns in the SQL WHERE clause. Users whose hidden fields match the search term appear in the response. The attacker correlates response membership with the submitted search value to infer the hidden data.

For technical details, refer to the GitHub Security Advisory GHSA-68pr-7prh-mpv4.

Detection Methods for CVE-2026-41659

Indicators of Compromise

  • High-volume search requests to members_assignment_data.php from a single authenticated session
  • Sequential or dictionary-style search parameters targeting fields like postal codes, cities, or birthdays
  • Role leader accounts issuing search queries that iterate through value ranges

Detection Strategies

  • Inspect web server access logs for repeated requests to members_assignment_data.php with varying search parameters
  • Correlate authenticated session activity with anomalous DataTables search frequency
  • Review database query logs for search predicates referencing BIRTHDAY, STREET, CITY, POSTCODE, or COUNTRY columns from non-administrative roles

Monitoring Recommendations

  • Enable application-level audit logging for member assignment endpoint requests
  • Track search request rates per authenticated user and alert on outliers
  • Monitor role leader accounts for activity patterns inconsistent with assignment workflows

How to Mitigate CVE-2026-41659

Immediate Actions Required

  • Upgrade Admidio to version 5.0.9 or later
  • Audit role leader accounts and remove assign-only permissions where not required
  • Review historical access logs for search activity targeting hidden profile fields

Patch Information

The issue is fixed in Admidio version 5.0.9. The patch aligns SQL-layer search behavior with the presentation-layer visibility model, excluding hidden fields from search predicates. Release notes are available at the Admidio v5.0.9 release page.

Workarounds

  • Restrict role leader assignment privileges to trusted personnel only until upgrade
  • Reduce the set of profile fields marked as hidden where feasible to limit exposure
  • Place the Admidio installation behind a web application firewall configured to rate-limit DataTables search endpoints
bash
# Upgrade to patched version
git fetch --tags
git checkout v5.0.9
# Or download the release archive from:
# https://github.com/Admidio/admidio/releases/tag/v5.0.9

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

  • Vulnerability Details
  • TypeInformation Disclosure
  • Vendor/TechAdmidio
  • SeverityLOW
  • CVSS Score2.7
  • Known ExploitedNo
  • CVSS Vector
  • CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
  • Impact Assessment
  • ConfidentialityLow
  • IntegrityNone
  • AvailabilityNone
  • CWE References
  • CWE-200
  • Technical References
  • GitHub Release v5.0.9
  • GitHub Security Advisory GHSA-68pr-7prh-mpv4
  • Related CVEs
  • CVE-2026-34381: Admidio Information Disclosure Flaw
  • CVE-2026-42194: Admidio SSRF Vulnerability
  • CVE-2026-41671: Admidio OIDC Auth Bypass Vulnerability
  • CVE-2026-41670: Admidio SAML Auth Bypass Vulnerability
Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne
  • Get Started
  • Get a Demo
  • Product Tour
  • Why SentinelOne
  • Pricing & Packaging
  • FAQ
  • Contact
  • Contact Us
  • Customer Support
  • SentinelOne Status
  • Language
  • Platform
  • Singularity Platform
  • Singularity Endpoint
  • Singularity Cloud
  • Singularity AI-SIEM
  • Singularity Identity
  • Singularity Marketplace
  • Purple AI
  • Services
  • Wayfinder TDR
  • SentinelOne GO
  • Technical Account Management
  • Support Services
  • Verticals
  • Energy
  • Federal Government
  • Finance
  • Healthcare
  • Higher Education
  • K-12 Education
  • Manufacturing
  • Retail
  • State and Local Government
  • Cybersecurity for SMB
  • Resources
  • Blog
  • Labs
  • Case Studies
  • Videos
  • Product Tours
  • Events
  • Cybersecurity 101
  • eBooks
  • Webinars
  • Whitepapers
  • Press
  • News
  • Ransomware Anthology
  • Company
  • About Us
  • Our Customers
  • Careers
  • Partners
  • Legal & Compliance
  • Security & Compliance
  • Investor Relations
  • S Foundation
  • S Ventures

©2026 SentinelOne, All Rights Reserved.

Privacy Notice Terms of Use

English