slug: laravel

Explanation

Laravel (ララベル) はPHPで最も人気のあるWebアプリケーションフレームワークです。 会員機能・データベース連携・API作成などWebアプリに必要な機能が揃っており、開発効率が非常に高いことで知られています。 Laravel本体は堅牢ですが、サードパーティパッケージの脆弱性や、設定ミス (debug mode 露出等) が脆弱性の原因になることが多いです。
📌 Example
CVE-2024-52301 (Laravel debug mode RCE): APP_DEBUG=true で本番公開すると環境変数経由でリモートコード実行されうるリスクが報告された。

🔖 Related tags

🛡 Vulnerabilities tagged with this 36

ID Title
CVE-2026-57958 Cross-Site Scripting (XSS) in laravel (CVE-2026-57958)
CVE-2026-48500 Vulnerability in filament/filament (CVE-2026-48500)
CVE-2026-48505 Vulnerability in filament/filament (CVE-2026-48505)
CVE-2026-48166 Vulnerability in filament/filament (CVE-2026-48166)
CVE-2026-48167 Cross-Site Scripting (XSS) in filament/infolists (CVE-2026-48167)
CVE-2026-49288 Information Disclosure in statamic/cms (CVE-2026-49288)
CVE-2026-49287 Vulnerability in statamic/cms (CVE-2026-49287)
CVE-2026-55409 Cross-Site Scripting (XSS) in filament/forms (CVE-2026-55409)
CVE-2026-48067 Vulnerability in filament/tables (CVE-2026-48067)
CVE-2026-53634 Vulnerability in code16/sharp (CVE-2026-53634)
CVE-2022-31114 Cross-Site Scripting (XSS) in backpack/crud (CVE-2022-31114)
CVE-2026-48811 Vulnerability in laravel (CVE-2026-48811)
CVE-2026-48810 Vulnerability in laravel (CVE-2026-48810)
CVE-2026-47123 Vulnerability in laravel (CVE-2026-47123)
CVE-2026-48555 SSRF (Server-Side Request Forgery) in spatie/laravel-medialibrary (CVE-2026-48555)
CVE-2026-48557 Spatie Laravel Media Library contains a file upload restriction bypass
CVE-2026-45294 Vulnerability in laravel (CVE-2026-45294)
CVE-2026-45660 SSRF (Server-Side Request Forgery) in statamic/cms (CVE-2026-45660)
CVE-2026-44692 Vulnerability in code16/sharp (CVE-2026-44692)
CVE-2026-44306 Vulnerability in statamic/cms (CVE-2026-44306)
CVE-2026-44262 Code Injection in dedoc/scramble (CVE-2026-44262)
CVE-2026-41524 Cross-Site Scripting (XSS) in laravel (CVE-2026-41524)
CVE-2026-41906 Vulnerability in laravel (CVE-2026-41906)
CVE-2026-41902 Vulnerability in laravel (CVE-2026-41902)
CVE-2026-34084 Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-34084)
CVE-2026-31843 Vulnerability in laravel (CVE-2026-31843)
CVE-2026-39976 Authentication Bypass in laravel (CVE-2026-39976)
CVE-2026-4809 Unrestricted File Upload in laravel (CVE-2026-4809)
CVE-2025-54068 KEV [KEV] Code Injection in Laravel livewire (CVE-2025-54068)
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →