Lucene search
+L

14 matches found

redhatcve
redhatcve
added yesterday4 views

CVE-2026-46639

A flaw was found in Twig, a template language for PHP. An attacker with write access to a sandboxed Twig template can bypass security restrictions due to an issue in object-destructuring assignment. This allows them to read public properties or invoke public methods on objects, leading to...

7.1CVSS6AI score0.00354EPSS
Exploits0References2
nvd
nvd
added 2 days ago6 views

CVE-2026-46639

Twig is a template language for PHP. From 3.24.0 until 3.26.0, object-destructuring assignment compiles CoreExtension::getAttribute with the sandbox argument hardcoded to false, disabling property and method policy checks and allowing an attacker with write access to a sandboxed Twig template to...

7.1CVSS0.00354EPSS
Exploits0References2
cve
cve
added 2 days ago19 views

CVE-2026-46639

Twig 3.24.0–3.26.0 contains a sandbox bypass in object-destructuring assignment: CoreExtension::getAttribute() is called with sandboxed flag set to false, bypassing security policy checks and allowing a sandboxed template to read public properties or call public getters on objects. The issue is f...

7.1CVSS6.1AI score0.00354EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2 days ago34 views

CVE-2026-46639 Twig: Sandbox property and method bypass via object-destructuring assignment

Twig is a template language for PHP. From 3.24.0 until 3.26.0, object-destructuring assignment compiles CoreExtension::getAttribute with the sandbox argument hardcoded to false, disabling property and method policy checks and allowing an attacker with write access to a sandboxed Twig template to...

7.1CVSS0.00354EPSS
Exploits0References2
github
github
added 2026/05/21 9:30 p.m.14 views

Twig: Sandbox property and method bypass via object-destructuring assignment

Description The object-destructuring assignment syntax introduced in Twig 3.24.0 generates a call to CoreExtension::getAttribute with the $sandboxed argument hardcoded to false, regardless of whether a SandboxExtension is active. This permanently disables the sandbox's property and method policy...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.9 views

PT-2026-42691

Name of the Vulnerable Software and Affected Versions Twig versions 3.24.0 through 3.24.x Description The object-destructuring assignment syntax generates a call to the getAttribute function within CoreExtension where the $sandboxed argument is hardcoded to false. This occurs regardless of whethe...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References15
snyk
snyk
added 2026/05/20 9:41 a.m.8 views

Incorrect Authorization

Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via object-destructuring assignment handling in ObjectDestructuringSetBinary::compile. An attacker can bypass Twig sandbox property and method...

7.1CVSS5.9AI score0.00354EPSS
Exploits0References2
friendsofphp
friendsofphp
added 2026/05/20 8:0 a.m.12 views

Sandbox property and method bypass via object-destructuring assignment

More info at https://symfony.com/cve-2026-46639...

7.1CVSS5.8AI score0.00354EPSS
Exploits0Affected Software1
cnvd
cnvd
added 2026/03/09 12:0 a.m.4 views

Google Chrome DevTools Heap Corruption Vulnerability

Google Chrome is a free web browser developed by Google Inc. A heap corruption vulnerability exists in Google Chrome DevTools, which stems from improper object destructuring and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00271EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/03/03 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a free web browser developed by Google Inc. A heap corruption vulnerability exists in Google Chrome DevTools, which stems from improper object destructuring and can be exploited by remote attackers to execute arbitrary code...

8.8CVSS7.6AI score0.00271EPSS
Exploits0References3
osv
osv
added 2023/07/25 1:54 p.m.35 views

GHSA-VH2G-6C4X-5HMP Path traversal and code execution via prototype vulnerability

Impact Due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to arbitrarily execute javascript files on the local disk. Patches Patched in v2.8.7...

10CVSS9.2AI score0.00834EPSS
Exploits0References5
github
github
added 2023/07/25 1:54 p.m.23 views

Path traversal and code execution via prototype vulnerability

Impact Due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to arbitrarily execute javascript files on the local disk. Patches Patched in v2.8.7...

10CVSS6.9AI score0.00834EPSS
Exploits0References5Affected Software1
prion
prion
added 2023/07/24 10:15 p.m.24 views

Path traversal

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

7.5CVSS9.1AI score0.00834EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2023/07/24 9:8 p.m.58 views

CVE-2023-26045 NodeBB vulnerable to path traversal and code execution via prototype vulnerability

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

10CVSS9.4AI score0.00834EPSS
Exploits0References3
Rows per page
Query Builder