TYPO3 CMS: Broken Access Control in Media Module

🗓️ 12 Jun 2026 19:06:59Reported by GitHub Advisory DatabaseType

TYPO3 media clipboard bypassed read checks; update to fixed ELTS and LTS versions.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2026-47351	10 Jun 202613:15	–	circl
CVE	CVE-2026-47351	9 Jun 202610:52	–	cve
Cvelist	CVE-2026-47351 TYPO3 CMS - Broken Access Control in Clipboard	9 Jun 202610:52	–	cvelist
EUVD	EUVD-2026-35398	12 Jun 202619:06	–	euvd
Friends Of PHP	TYPO3-CORE-SA-2026-014: Broken Access Control in Clipboard	9 Jun 202609:00	–	friendsofphp
NVD	CVE-2026-47351	9 Jun 202611:16	–	nvd
OSV	GHSA-Q93M-25XV-94HH TYPO3 CMS: Broken Access Control in Media Module	12 Jun 202619:06	–	osv
Positive Technologies	PT-2026-47744	9 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-47351	10 Jun 202614:59	–	redhatcve
Vulnrichment	CVE-2026-47351 TYPO3 CMS - Broken Access Control in Clipboard	9 Jun 202610:52	–	vulnrichment

Vulners

Node

typo3 cms-backendRange14.0.0–14.3.3composer

typo3 cms-backendRange13.0.0–13.4.31composer

typo3 cms-backendRange12.0.0–12.4.46composer

typo3 cms-backendRange11.0.0–11.5.51composer

typo3 cms-backendRange<10.4.57composer

typo3 cms-coreRange14.0.0–14.3.3composer

typo3 cms-coreRange13.0.0–13.4.31composer

typo3 cms-coreRange12.0.0–12.4.46composer

typo3 cms-coreRange11.0.0–11.5.51composer

typo3 cms-coreRange<10.4.57composer

Source	Link
github	www.github.com/TYPO3/typo3/security/advisories/GHSA-q93m-25xv-94hh
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-47351
github	www.github.com/TYPO3/typo3/commit/2740707563343d78184c0b7c6303a7484553d7f3
github	www.github.com/TYPO3/typo3/commit/932fbb9fcea25094e8bcc0f0ec5aab56b1d92451
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2026-47351.yaml
typo3	www.typo3.org/security/advisory/typo3-core-sa-2026-014
github	www.github.com/advisories/GHSA-q93m-25xv-94hh

12 Jun 2026 19:07Current

5.4Medium risk

Vulners AI Score5.4

CVSS 45.3

EPSS0.00036

SSVC