PKSA-g2n6-j3mn-x8xf Security Advisory
-
[HIGH] Craft CMS Vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior
PKSA-g2n6-j3mn-x8xf CVE-2026-25498 GHSA-7jx7-3846-m7w7
Affected package: craftcms/cms
Affected version: >=4.0.0-RC1,<=4.16.17|>=5.0.0-RC1,<=5.8.21
Reported by:
GitHub