[MEDIUM] October Rain has a Twig Sandbox Bypass via Collection Methods

PKSA-7hg1-vmz2-j7w6 CVE-2026-22692 GHSA-m5qg-jc75-4jp6

Affected package: october/rain

Affected version: <=3.7.12|>=4.0.0,<=4.1.4

Reported by:
GitHub