Craftcms Cms Vulnerabilities

Bypass in SSRF Validation in Craft CMS Affects Various Versions

CVE-2026-27129

CraftcmsCms5.7MEDIUM

Time-of-Check-Time-of-Use Race Condition in Craft CMS by Craft

CVE-2026-27128

CraftcmsCms6.9MEDIUM

DNS Rebinding Vulnerability in Craft CMS Affects Multiple Versions

CVE-2026-27127

CraftcmsCms7HIGH

Stored Cross-site Scripting Vulnerability in Craft CMS

CVE-2026-27126

CraftcmsCms5.9MEDIUM

Remote Code Execution Vulnerability in Craft CMS by Craft

CVE-2026-25498

CraftcmsCms8.6HIGH

Privilege Escalation Vulnerability in Craft CMS GraphQL API by Craft

CVE-2026-25497

CraftcmsCms8.6HIGH

Stored XSS Vulnerability in Craft by Invision Community

CVE-2026-25496

CraftcmsCms4.8MEDIUM

SQL Injection Vulnerability in Craft Platform by Craft CMS

CVE-2026-25495

CraftcmsCms8.7HIGH

Craft Platform Vulnerability in Asset Management Functionality

CVE-2026-25494

CraftcmsCms6.9MEDIUM

Server-Side Request Forgery Vulnerability in Craft CMS by Pixel & Tonic

CVE-2026-25493

CraftcmsCms6.9MEDIUM

Content Management System Vulnerability in Craft by Pixel & Tonic

CVE-2026-25492

CraftcmsCms5.3MEDIUM

Stored XSS Vulnerability in Craft Platform by Craft CMS

CVE-2026-25491

CraftcmsCms1.9LOW

Database Backup Vulnerability in Craft CMS by Pixel & Tonic

CVE-2025-68456

CraftcmsCms7HIGH

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

CVE-2025-68455

CraftcmsCms8.6HIGH

Remote Code Execution Vulnerability in Craft CMS by Craft

CVE-2025-68454

CraftcmsCms5.2MEDIUM

Server-Side Request Forgery Vulnerability in Craft CMS by Craft

CVE-2025-68437

CraftcmsCms5MEDIUM

Information Exposure in Craft CMS Versions Affecting User Profile Photos

CVE-2025-68436

CraftcmsCms4.9MEDIUM

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

CVE-2025-57811

CraftcmsCms6.1MEDIUM

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

CVE-2025-54417

CraftcmsCms5.2MEDIUM

Remote Code Execution Vulnerability in Craft CMS by Craft

CVE-2025-46731

CraftcmsCms📈👾📰7.3HIGH

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

CVE-2025-32432

CraftcmsCms📈💰👾🟡EPSS 80%📰10CRITICAL

Remote Code Execution Vulnerability in Craft CMS by Craft

CVE-2025-23209

CraftcmsCms📈👾EPSS 19%🦅📰8.1HIGH

Remote Code Execution Vulnerability in Craft CMS for Specific PHP Configurations

CVE-2024-56145

CraftcmsCms🥇📈👾🟡EPSS 94%🦅📰9.3CRITICAL

Local File System Validation Bypass Vulnerability in CraftCMS by Craft

CVE-2024-52291

CraftcmsCraft Cms7.2HIGH

File Disclosure Vulnerability in Craft CMS by Craft

CVE-2024-52292

CraftcmsCraft Cms6.5MEDIUM

craftcms Cms Vulnerabilities

Vulnerability Published:

Sort By:

24 February 2026

Bypass in SSRF Validation in Craft CMS Affects Various Versions

Time-of-Check-Time-of-Use Race Condition in Craft CMS by Craft

DNS Rebinding Vulnerability in Craft CMS Affects Multiple Versions

Stored Cross-site Scripting Vulnerability in Craft CMS

9 February 2026

Remote Code Execution Vulnerability in Craft CMS by Craft

Privilege Escalation Vulnerability in Craft CMS GraphQL API by Craft

Stored XSS Vulnerability in Craft by Invision Community

SQL Injection Vulnerability in Craft Platform by Craft CMS

Craft Platform Vulnerability in Asset Management Functionality

Server-Side Request Forgery Vulnerability in Craft CMS by Pixel & Tonic

Content Management System Vulnerability in Craft by Pixel & Tonic

Stored XSS Vulnerability in Craft Platform by Craft CMS

5 January 2026

Database Backup Vulnerability in Craft CMS by Pixel & Tonic

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

Remote Code Execution Vulnerability in Craft CMS by Craft

Server-Side Request Forgery Vulnerability in Craft CMS by Craft

Information Exposure in Craft CMS Versions Affecting User Profile Photos

25 August 2025

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

9 August 2025

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

5 May 2025

Remote Code Execution Vulnerability in Craft CMS by Craft

25 April 2025

Remote Code Execution Vulnerability in Craft CMS by Pixel & Tonic

18 January 2025

Remote Code Execution Vulnerability in Craft CMS by Craft

18 December 2024

Remote Code Execution Vulnerability in Craft CMS for Specific PHP Configurations

13 November 2024

Local File System Validation Bypass Vulnerability in CraftCMS by Craft

File Disclosure Vulnerability in Craft CMS by Craft