Lucene search
K

64506 matches found

OSV
OSV
added 2 days ago14 views

UBUNTU-CVE-2026-48805

Twig is a template language for PHP. Prior to 3.27.0, deprecated internal wrappers in src/Resources/core.php do not forward the current sandbox state to CoreExtension::checkArrow, arraySome, and arrayEvery, allowing legacy calls such as twigarraysome, twigarrayevery, and twigcheckarrowinsandbox t...

5.3CVSS6.1AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 2 days ago17 views

UBUNTU-CVE-2026-48808

Twig is a template language for PHP. Prior to 3.27.0, the column filter passes the active sandbox state as a boolean but does not forward the current Source to SandboxExtension::checkPropertyAllowed, so SourcePolicyInterface decisions are lost and a template author can read public or magic...

6CVSS6.1AI score0.0026EPSS
Exploits0References3
OSV
OSV
added 2 days ago9 views

UBUNTU-CVE-2026-48807

Twig is a template language for PHP. Prior to 3.27.0, the sandbox toString checks do not fully cover Traversable values passed to join and replace filters or operands evaluated by the in and not in operators, allowing contained Stringable objects to be coerced to strings without consulting the...

7.1CVSS6.1AI score0.00235EPSS
Exploits0References3
OSV
OSV
added 2 days ago11 views

UBUNTU-CVE-2026-48806

Twig is a template language for PHP. Prior to 3.27.0, ArrayExpression does not guard dynamic mapping keys that are coerced to strings, allowing PHP to invoke toString on a Stringable object used as a mapping key without calling SandboxExtension::ensureToStringAllowed. This issue is fixed in versi...

7.1CVSS6.1AI score0.00238EPSS
Exploits0References3
OSV
OSV
added 2 days ago5 views

UBUNTU-CVE-2026-46635

Twig is a template language for PHP. Prior to 3.26.0, the column filter passes object arrays to PHP arraycolumn, which reads public and magic properties without reaching CoreExtension::getAttribute or SandboxExtension::checkPropertyAllowed, allowing an untrusted template author with column in...

5.3CVSS6.1AI score0.00371EPSS
Exploits0References3
OSV
OSV
added 2 days ago6 views

UBUNTU-CVE-2026-46640

Twig is a template language for PHP. From 3.15.0 until 3.26.0, self. and import-alias dynamic attribute syntax can concatenate an attacker-controlled string into a MacroReferenceExpression name without identifier validation, causing raw PHP to be emitted into the generated template source and...

8.7CVSS6.1AI score0.00335EPSS
Exploits0References3
OSV
OSV
added 2 days ago6 views

UBUNTU-CVE-2026-46629

Twig is a template language for PHP. Prior to 3.26.0, twig/intl-extra memoises IntlDateFormatter and NumberFormatter instances in arrays keyed by template-controlled filter arguments such as locale, pattern, and attrs, allowing a template to allocate many ICU formatter objects that remain pinned...

5.3CVSS6.1AI score0.0026EPSS
Exploits0References3
OSV
OSV
added 2 days ago6 views

UBUNTU-CVE-2026-46633

Twig is a template language for PHP. Prior to 3.26.0, Compiler::string does not escape single quotes when a template name from a % use % tag is placed inside a PHP single-quoted string literal, allowing a crafted template name to terminate the string and inject arbitrary PHP expressions into the...

8.7CVSS6.2AI score0.0052EPSS
Exploits0References3
OSV
OSV
added 2 days ago8 views

UBUNTU-CVE-2026-46639

Twig is a template language for PHP. From 3.24.0 until 3.26.0, object-destructuring assignment compiles CoreExtension::getAttribute with the sandbox argument hardcoded to false, disabling property and method policy checks and allowing an attacker with write access to a sandboxed Twig template to...

7.1CVSS6.1AI score0.00354EPSS
Exploits0References3
OSV
OSV
added 2 days ago7 views

UBUNTU-CVE-2026-46628

Twig is a template language for PHP. Prior to 3.26.0, the deprecated spaceless filter is registered as safe for HTML, causing Twig autoescaping to emit attacker-controlled markup unescaped when spaceless is applied to untrusted input. This issue is fixed in version 3.26.0...

5.1CVSS6.1AI score0.0026EPSS
Exploits0References3
OSV
OSV
added 2 days ago10 views

UBUNTU-CVE-2026-47730

Twig is a template language for PHP. From 3.0.0 until 3.26.0, Twig\Profiler\Dumper\HtmlDumper writes Profile::getTemplate and Profile::getName into HTML output without escaping, allowing attacker-controlled template or profile names to inject arbitrary HTML when a browser renders the profiler dum...

5.1CVSS6.2AI score0.00269EPSS
Exploits0References3
OSV
OSV
added 2 days ago9 views

UBUNTU-CVE-2026-46627

Twig is a template language for PHP. Prior to 3.26.0, the Twig sandbox does not prevent a template from consuming CPU, memory, or wall-clock time, even under the strictest allow-list, allowing untrusted templates to cause resource exhaustion. This issue is addressed in version 3.26.0 by documenti...

7.1CVSS6.1AI score0.00331EPSS
Exploits0References3
OSV
OSV
added 2 days ago6 views

UBUNTU-CVE-2026-46634

Twig is a template language for PHP. From 3.9.0 until 3.26.0, templatefromstring compiles an inner template under a synthesized stringtemplate name that can fall outside a SourcePolicyInterface sandbox decision, allowing a sandboxed template that can call templatefromstring and include to render ...

7.7CVSS6.1AI score0.00331EPSS
Exploits0References3
OSV
OSV
added 2 days ago12 views

UBUNTU-CVE-2026-47732

Twig is a template language for PHP. Prior to 3.26.0, several Twig language constructs trigger PHP string coercion on a Stringable operand without consulting SecurityPolicy::checkMethodAllowed, allowing a sandboxed template author to invoke toString on objects reachable in the render context...

7.1CVSS6.1AI score0.00371EPSS
Exploits0References3
OSV
OSV
added 2 days ago8 views

UBUNTU-CVE-2026-46638

Twig is a template language for PHP. Prior to 3.26.0, % sandbox %% include % can include a template that was previously loaded outside the sandbox without re-invoking checkSecurity, allowing the cached template to use tags, filters, and functions that should have been denied by...

6CVSS7AI score0.00833EPSS
Exploits0References3
OSV
OSV
added 2 days ago6 views

UBUNTU-CVE-2026-46637

Twig is a template language for PHP. Prior to 3.26.0, several filters in twig/markdown-extra and twig/cssinliner-extra are registered with issafe = all, causing Twig to treat plain text or HTML output as safe in HTML, JavaScript, CSS, URL, and other contexts where the output is not properly...

5.1CVSS6.1AI score0.00268EPSS
Exploits0References3
OSV
OSV
added 2 days ago8 views

UBUNTU-CVE-2026-46644

Symfony Polyfill backports PHP features and provides compatibility layers for extensions and functions. From 1.17.1 until 1.38.1, symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload is empty or decodes to ASCII-only code points because Idn::process does not enforce the UTS 46...

6.9CVSS6.1AI score0.00394EPSS
Exploits0References4
OSV
OSV
added 2 days ago8 views

UBUNTU-CVE-2026-48489

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, DefaultAuthenticationFailureHandler honored the request-supplied failurepath parameter when failureforward: true was enabled, allowing an unauthenticated...

8.7CVSS6.1AI score0.00487EPSS
Exploits0References4
OSV
OSV
added 2 days ago10 views

UBUNTU-CVE-2026-48761

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0 until 6.4.41, 7.4.13, and 8.0.13, UrlAttributeSanitizer::getSupportedAttributes omitted URL-bearing attributes on , , , and , and URLs inside content bypassed URL sanitization, allowing...

5.3CVSS6.1AI score0.00448EPSS
Exploits0References4
OSV
OSV
added 2 days ago20 views

UBUNTU-CVE-2026-47212

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, TwilioRequestParser::doParse received the configured webhook secret but ignored the X-Twilio-Signature HMAC header, allowing unauthenticated POST requests to inje...

6.9CVSS6.1AI score0.00303EPSS
Exploits0References3
Rows per page
Query Builder