Security Advisories - PKSA-msh7-gxqk-k56q - Packagist.org

PKSA-msh7-gxqk-k56q Security Advisory

symfony/ux-autocomplete Information exposure via unescaped LIKE wildcards in EntitySearchUtil

PKSA-msh7-gxqk-k56q CVE-2026-49211

Affected package: symfony/ux-autocomplete

Affected version: >=2.2.0,<2.36.0|>=3.0.0,<3.1.0

Reported by:
FriendsOfPHP/security-advisories