Software catalogue for Pixel & Tonic, Inc.
Latest security bulletins
| Secuity bulletin | Severity | Status | Published |
|---|---|---|---|
| SB2026021833: Multiple vulnerabilities in Craft CMS | Medium | 18.02.2026 | |
| SB2026021831: Privilege escalation in Craft CMS | Medium | 18.02.2026 | |
| SB2026010560: Multiple vulnerabilities in Craft CMS | High | 05.01.2026 | |
| SB2025060309: Improper input validation in Craft CMS | Medium | 03.06.2025 | |
| SB2025050549: Authenticated SSTI in Craft CMS | Low | 05.05.2025 | |
| SB2025042834: Remote code execution in Craft CMS | Critical | 28.04.2025 | |
| SB2025010620: Remote code execution in Craft CMS | High | 06.01.2025 | |
| SB2024121837: Remote code execution in Craft CMS | High | 18.12.2024 | |
| SB2024072609: Insufficient Session Expiration in Craft CMS | Medium | 26.07.2024 | |
| SB2024050924: Cross-site scripting in Craft CMS | Low | 09.05.2024 |