statamic/cms Security Advisories for v6.10.0 (3)
-
[MEDIUM] Statamic CMS: Server-Side Request Forgery via Glide
PKSA-7fht-jznj-7mgv CVE-2026-45660 GHSA-pf9c-ch8r-2958
Affected version: >=6.0.0-alpha.1,<6.18.1|<5.73.22
Reported by:
GitHub -
[MEDIUM] Statamic CMS vulnerable to email enumeration via forgot password endpoint
PKSA-ynr1-y6st-8cwm CVE-2026-44306 GHSA-m24v-f7g5-gq67
Affected version: >=6.0.0,<6.15.0|<5.73.21
Reported by:
GitHub -
[HIGH] Statamic: Unsafe method invocation via query value resolution allows data destruction
PKSA-yx2m-bjk3-fnky CVE-2026-41175 GHSA-4jjr-vmv7-wh4w
Affected version: >=6.0.0-alpha.1,<6.13.0|<5.73.20
Reported by:
GitHub