CVE-2026-48781

CRITICAL
Published Jun 17, 2026 Modified Jun 17, 2026 CWE-302 CWE-345 CWE-863

Description

Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the Skool integration callback signed an attacker-controlled JSON blob into a session-shape JWT using the application's JWT_SECRET, and the auth middleware trusted every claim in that JWT without re-resolving the user from the database. Any authenticated Postiz user could forge a SUPERADMIN session and impersonate arbitrary organizations. This allowed Full Access to the following: all parts of Postiz, including users registered to the specific instance and the ability to post in the name of the victim's social media channels added to that Postiz instance. This issue has been fixed in version 2.21.8.

CVSS v3.1 Score

9.9
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS — Exploit Prediction

0.0021
Probability of exploitation
0.11%
Percentile rank

EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.

Weakness Type (CWE)

CWE-302 CWE-302
CWE-345 CWE-345
CWE-863 Incorrect Authorization

References

Frequently Asked Questions

What is CVE-2026-48781? +
Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the Skool integration callback signed an attacker-controlled JSON blob into a session-shape JWT using the application's JWT_SECRET, and the auth middleware trusted every claim in that JWT without re-resolving the user from the database. Any authenticated Postiz user could forge a SUPERADMIN session and impersonate arbitrary organizations. This allowed Full Access to the following: all parts of Postiz, including users registered to the specific instance and the ability to post in the name of the victim's social media channels added to that Postiz instance. This issue has been fixed in version 2.21.8. It has a CVSS v3.1 base score of 9.9 (CRITICAL).
How severe is CVE-2026-48781? +
CVE-2026-48781 has a CVSS v3.1 score of 9.9 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately. The EPSS score is 0.0021, placing it in the 0th percentile for exploitation probability.
How do I check if I'm vulnerable to CVE-2026-48781? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2026-48781 — free, no signup required.

Start Free Scan