CVE-2026-48784
CVE-2026-48784 is a Symfony UrlGenerator issue in UrlGenerator::doGenerate() where strtr dot-segment encoding skipped every other chained ../ or ./ segments. This allowed attacker-controlled route parameters to generate URLs that collapse to a different path under RFC 3986 normalization. The vuln...