GHSA-7Q3W-XQJW-G3CR Filament has inconsistent scope enforcement for its AttachAction and AssociateAction Select fields

The recordSelectOptionsQuery method may be used to scope the options available in the Select field for AttachAction and AssociateAction. However, the built-in validation rule for these fields did not apply the same scope. As a result, a user who can trigger these actions could tamper with the...

PT-2026-48811

Name of the Vulnerable Software and Affected Versions filament/actions versions 4.0.0 through 4.11.3 filament/actions versions 5.0.0 through 5.6.3 filament/tables versions 3.0.0 through 3.3.50 Description The recordSelectOptionsQuery method is used to scope options available in the Select field f...