10 matches found

Github Security Blog
added 2026/05/21 9:30 p.m., 8 views

Twig: Sandbox property and method bypass via object-destructuring assignment

Description: The object-destructuring assignment syntax introduced in Twig 3.24.0 generates a call to CoreExtension::getAttribute with the $sandboxed argument hardcoded to false, regardless of whether a SandboxExtension is active. This permanently disables the sandbox's property and method policy...

AI score: 5.8
Exploits: 0, References: 4, Affected Software: 1
Positive Technologies
added 2026/05/21 12:00 a.m., 5 views

PT-2026-42691

Name of the Vulnerable Software and Affected Versions: Twig versions 3.24.0 through 3.24.x. Description: The object-destructuring assignment syntax generates a call to the getAttribute function within CoreExtension where the $sandboxed argument is hardcoded to false. This occurs regardless of whethe...

CVSS: 8.7, AI score: 5.8
Exploits: 0, References: 6
Snyk
added 2026/05/20 9:41 a.m., 2 views

Incorrect Authorization

Overview: twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via object-destructuring assignment handling in ObjectDestructuringSetBinary::compile. An attacker can bypass Twig sandbox property and method...

CVSS: 6.4, AI score: 5.9
Exploits: 0, References: 2
Friends Of PHP
added 2026/05/20 8:00 a.m., 7 views

Sandbox property and method bypass via object-destructuring assignment

More info at https://symfony.com/cve-2026-46639...

AI score: 5.8
Exploits: 0, Affected Software: 1
CNVD
added 2026/03/09 12:00 a.m., 1 view

Google Chrome DevTools Heap Corruption Vulnerability

Google Chrome is a free web browser developed by Google Inc. A heap corruption vulnerability exists in Google Chrome DevTools, which stems from improper object destructuring and can be exploited by remote attackers to execute arbitrary code...

CVSS: 8.8, AI score: 6.1, EPSS: 0.0001
Exploits: 0, References: 1
CNNVD
added 2026/03/03 12:00 a.m., 2 views

Google Chrome security vulnerability

Google Chrome is a free web browser developed by Google Inc. A heap corruption vulnerability exists in Google Chrome DevTools, which stems from improper object destructuring and can be exploited by remote attackers to execute arbitrary code...

CVSS: 8.8, AI score: 7.6, EPSS: 0.0001
Exploits: 0, References: 3
OSV
added 2023/07/25 1:54 p.m., 29 views

GHSA-VH2G-6C4X-5HMP Path traversal and code execution via prototype vulnerability

Impact: Due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to arbitrarily execute javascript files on the local disk. Patches: Patched in v2.8.7...

CVSS: 10, AI score: 9.2, EPSS: 0.00508
Exploits: 0, References: 5
Github Security Blog
added 2023/07/25 1:54 p.m., 18 views

Path traversal and code execution via prototype vulnerability

Impact: Due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to arbitrarily execute javascript files on the local disk. Patches: Patched in v2.8.7...

CVSS: 10, AI score: 6.9, EPSS: 0.00508
Exploits: 0, References: 5, Affected Software: 1
Prion
added 2023/07/24 10:15 p.m., 18 views

Path traversal

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

CVSS: 7.5, AI score: 9.1, EPSS: 0.00508
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2023/07/24 9:08 p.m., 18 views

CVE-2023-26045 NodeBB vulnerable to path traversal and code execution via prototype vulnerability

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

CVSS: 10, AI score: 9.4, EPSS: 0.00508
Exploits: 0, References: 3