Search by 
symfony/polyfill Security Advisories for v1.37.0 (1)
-
[LOW] CVE-2026-46644: symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload decodes to ASCII-only: insecure equivalence
PKSA-df53-cqz9-c3zn CVE-2026-46644 GHSA-2xf4-cg6j-vhgq
Affected version: >=1.17.1,<1.38.1
Reported by:
GitHub, FriendsOfPHP/security-advisories