CVE-2026-28424
Statamic CMS contains a medium-severity exposure where email addresses were returned by the user fieldtype data endpoint for control panel users lacking the view users permission. Affected versions are prior to 5.73.11 and 6.4.0. The issue has been fixed in 5.73.11 and 6.4.0. The CVSS vector indi...