Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54164 |
|
Vulnerability in symfony (CVE-2026-54164)
vulnerability in symfony (CVE-2026-54164). Data can be tampered with by attackers.
|
| CVE-2026-49260 |
|
OS Command Injection in pontedilana/php-weasyprint (CVE-2026-49260)
OS command injection in pontedilana/php-weasyprint (CVE-2026-49260). Successful exploitation can lead to full system takeover. Exploitable via ``master``. Mitigation: upgrade to `2.5.1` or later.
|
| CVE-2026-24425 |
|
Vulnerability in twig/twig (CVE-2026-24425)
vulnerability in twig/twig (CVE-2026-24425). Successful exploitation can lead to full system takeover. Exploitable via ``SourcePolicyInterface``. Mitigation: upgrade to `3.26.0` or later.
|
| CVE-2026-45701 |
|
Vulnerability in sulu/sulu (CVE-2026-45701)
vulnerability in sulu/sulu (CVE-2026-45701). Risk of unauthorized operations or information disclosure. Exploitable via ``User.php``. Mitigation: upgrade to `2.6.23` or later.
|
| CVE-2026-41498 |
|
Vulnerability in kimai/kimai (CVE-2026-41498)
vulnerability in kimai/kimai (CVE-2026-41498). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.54.0` or later.
|
| CVE-2016-2403 |
|
Authentication Bypass in symfony (CVE-2016-2403)
authentication bypass in symfony (CVE-2016-2403). Successful exploitation can lead to full system takeover.
|