Ubuntu 26.04 LTS : Twig vulnerability (USN-8408-1)

The remote Ubuntu 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8408-1 advisory. It was discovered that Twig did not properly validate PHP callables when using a source policy. An authenticated user could possibly use this issue to execute...

USN-8408-1 php-twig vulnerability

It was discovered that Twig did not properly validate PHP callables when using a source policy. An authenticated user could possibly use this issue to execute arbitrary code...

USN-8408-1: Twig vulnerability

It was discovered that Twig did not properly validate PHP callables when using a source policy. An authenticated user could possibly use this issue to execute arbitrary code...

GHSA-2Q52-X2FF-QGFR Twig: Possible sandbox bypass when using a source policy

Description When using the sandbox with a SourcePolicyInterface, Twig does not always apply the sandbox restriction that forbids non-Closure callbacks for callback-accepting filters. The issue affects the sort, filter, map, and reduce filters. In the affected versions, the runtime check that...

Twig: Possible sandbox bypass when using a source policy

Description When using the sandbox with a SourcePolicyInterface, Twig does not always apply the sandbox restriction that forbids non-Closure callbacks for callback-accepting filters. The issue affects the sort, filter, map, and reduce filters. In the affected versions, the runtime check that...

CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVE-2026-45042 RustFS: UploadPartCopy Does Not Enforce Destination Bucket Policy on Copy Source

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, improper authorization in the UploadPartCopy operation allows copying objects across buckets without enforcing destination bucket restrictions on allowed copy sources. The implementation validates GetObject...

Incorrect Authorization

Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via the CoreExtension::column filter when sandboxing is enabled through SourcePolicyInterface. An attacker can bypass the sandbox property...

GHSA-24X9-R6Q4-Q93W Twig: `template_from_string()` escapes a SourcePolicy-driven sandbox via synthesized template name

Description When the sandbox is enabled selectively via SourcePolicyInterface and not globally, a sandboxed template that is allowed to call templatefromstring and include can render an arbitrary inner template with no security policy enforcement. Environment::createTemplate compiles the inner...

Twig: `template_from_string()` escapes a SourcePolicy-driven sandbox via synthesized template name

Description When the sandbox is enabled selectively via SourcePolicyInterface and not globally, a sandboxed template that is allowed to call templatefromstring and include can render an arbitrary inner template with no security policy enforcement. Environment::createTemplate compiles the inner...

PT-2026-42583

Description When the sandbox is enabled selectively via SourcePolicyInterface and not globally, a sandboxed template that is allowed to call template from string and include can render an arbitrary inner template with no security policy enforcement. Environment::createTemplate compiles the inner...

Linux Distros Unpatched Vulnerability : CVE-2026-24425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template...

CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

DEBIAN-CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

UBUNTU-CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVE-2026-24425

Twig 2.16.x and 3.9.0–3.25.x contain a sandbox bypass via SourcePolicyInterface, allowing runtime bypass of sandbox checks when using a source policy to execute arbitrary code. The underlying issue is a runtime check that fails to use the current template source, enabling code execution if sandbo...

CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

Incorrect Authorization

Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via Environment::createTemplate when sandboxing is enabled selectively through SourcePolicyInterface. An attacker can bypass Twig sandbox...

PT-2026-42168

Name of the Vulnerable Software and Affected Versions Twig versions 2.16.x Twig versions 3.9.0 through 3.25.x Description A sandbox bypass exists when using a SourcePolicyInterface. This occurs because a runtime check fails to use the current template source, allowing attackers with template...