Description
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive internal data.
Published: 2026-02-26
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Immediate Patch
AI Analysis

Impact

The vulnerability in SPIP allows an unauthenticated attacker to bypass the authentication mechanism by exploiting PHP type juggling in the login logic. Attackers can achieve this by manipulating input values that trigger loose type comparisons, thereby gaining access to protected information. The weakness, CWE-288, reflects improper handling of authentication or access control, potentially leading to confidentiality loss of sensitive internal data.

Affected Systems

SPIP products with versions earlier than 4.4.10 are affected. The vendor identified is SPIP, and the product name is SPIP. No specific patch release is listed, but the vulnerability exists on all instances running a pre‑4.4.10 build.

Risk and Exploitability

This flaw carries a high CVSS score of 8.7, indicating significant impact if exploited. The EPSS score of less than 1% suggests currently low exploitation probability, and it has not been listed in the CISA KEV catalog. Based on the description, the likely attack vector is a web application interaction where an attacker attempts to log in using crafted input. No additional exploitation conditions are specified beyond the ability to send the manipulating request, so the vulnerability is exploitable in standard operational environments.

Generated by OpenCVE AI on April 16, 2026 at 16:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade SPIP to version 4.4.10 or later to eliminate the type juggling bug
  • Disallow or restrict access to the administrative login interface until the upgrade is applied
  • Review and validate authentication code to ensure strict type checking and proper access controls

Generated by OpenCVE AI on April 16, 2026 at 16:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6155-1 spip security update
History

Thu, 05 Mar 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Spip saisies
CPEs cpe:2.3:a:spip:saisies:*:*:*:*:*:spip:*:*
Vendors & Products Spip saisies

Mon, 02 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:*

Fri, 27 Feb 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 27 Feb 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Fri, 27 Feb 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Spip
Spip spip
Vendors & Products Spip
Spip spip

Thu, 26 Feb 2026 21:00:00 +0000

Type Values Removed Values Added
Description SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive internal data.
Title SPIP < 4.4.10 Authentication Bypass via PHP Type Juggling
Weaknesses CWE-288
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Spip Saisies Spip
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-05T01:30:17.621Z

Reserved: 2026-01-06T16:47:17.185Z

Link: CVE-2026-22205

cve-icon Vulnrichment

Updated: 2026-02-27T20:06:33.193Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-26T21:28:52.217

Modified: 2026-03-02T16:08:10.217

Link: CVE-2026-22205

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T16:15:08Z

Weaknesses