5 matches found
CVE-2026-39397
@delmaredigital/payload-puck is a PayloadCMS plugin for integrating Puck visual page builder. Prior to 0.6.23, all /api/puck/ CRUD endpoint handlers registered by createPuckPlugin called Payload's local API with the default overrideAccess: true, bypassing all collection-level access control. The...
EUVD-2026-18015
@payloadcms/next has Stored XSS in Admin Panel...
CVE-2026-34750
Payload CMS is affected by CVE-2026-34750 due to improper sanitization of filenames in client-upload signed-URL endpoints for storage backends (storage-azure, storage-gcs, storage-r2, storage-s3) prior to version 3.78.0. An attacker could craft filenames to escape the intended storage location. A...
CVE-2026-34751
Payload is a free and open source headless content management system. Prior to version 3.79.1 in @payloadcms/graphql and payload, a vulnerability in the password recovery flow could allow an unauthenticated attacker to perform actions on behalf of a user who initiates a password reset. This issue...
PT-2026-29596
Name of the Vulnerable Software and Affected Versions Payload versions prior to 3.78.0 Description Payload is a free and open source headless content management system. A stored Cross-Site Scripting XSS issue existed in the admin panel. An authenticated user with write access to a collection coul...