CVE-2026-23550
CRITICAL EXPLOITED NUCLEIModular DS - Privilege Escalation
Title source: llmDescription
Incorrect Privilege Assignment vulnerability in Modular DS Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from n/a through <= 2.5.1.
Exploits (7)
github
WORKING POC
10 stars
by XiaomingX · pythonpoc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-23550
nomisec
SCANNER
1 stars
by dzmind2312 · remote
https://github.com/dzmind2312/Mass-CVE-2026-23550-Exploit
nomisec
WORKING POC
1 stars
by O99099O · poc
https://github.com/O99099O/By-Poloss..-..CVE-2026-23550
nomisec
WORKING POC
1 stars
by TheTorjanCaptain · remote
https://github.com/TheTorjanCaptain/CVE-2026-23550-PoC
nomisec
SCANNER
1 stars
by cyberdudebivash · poc
https://github.com/cyberdudebivash/CYBERDUDEBIVASH-Modular-DS-CVE-2026-23550-Detector
nomisec
WORKING POC
by DedsecTeam-BlackHat · remote
https://github.com/DedsecTeam-BlackHat/CVE-2026-23550
nomisec
WORKING POC
by epsilonpoint88-glitch · poc
https://github.com/epsilonpoint88-glitch/EpSiLoNPoInT-
Nuclei Templates (1)
Modular DS - Broken Access Control
HIGHVERIFIEDby DhiyaneshDk
FOFA:
body="/plugins/modular-connector/"
References (4)
Scores
CVSS v3
9.8
EPSS
0.0485
EPSS Percentile
89.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2026-01-14
CWE
CWE-266
Status
published
Products (1)
Modular DS/Modular DS
< 2.5.1
Published
Jan 14, 2026
Tracked Since
Feb 18, 2026