Lucene search
+L

5 matches found

NVD
NVD
added 3 days ago3 views

CVE-2026-45071

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Crawler::addXmlContent set DOMDocument::$validateOnParse = true before loadXML, re-enabling external entity resolution and allowing attacker-supplied XML ...

8.7CVSS0.00462EPSS
Exploits0References6
NVD
NVD
added 3 days ago4 views

CVE-2026-45754

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, the Mailjet mailer bridge and LOX24 notifier bridge webhook parsers received configured webhook secrets but did not verify them, allowing unauthenticated POST...

6.9CVSS0.00348EPSS
Exploits0References6
NVD
NVD
added 3 days ago4 views

CVE-2026-45072

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.4.24 until 6.4.40, 7.4.12, and 8.0.12, the development profiler fileexcerpt Twig filter escapes PHP files through highlightstring but interpolates lines from non-PHP files directly into...

5.4CVSS0.00232EPSS
Exploits0References5
NVD
NVD
added 3 days ago4 views

CVE-2026-45063

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $SERVER'SSLCLIENTSDN' with an unanchored regex that matches emailAddress= anywhere in the distinguishe...

9.1CVSS0.00323EPSS
Exploits0References6
OSV
OSV
added 3 days ago3 views

CVE-2026-45754 Symfony: Mailjet Mailer Webhook Parser Never Verifies the Configured Secret — Unauthenticated Webhook Event Injection

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, the Mailjet mailer bridge and LOX24 notifier bridge webhook parsers received configured webhook secrets but did not verify them, allowing unauthenticated POST...

6.9CVSS6.1AI score0.00348EPSS
Exploits0References8
Rows per page
Query Builder