Known vulnerabilities in CodeIgniter CodeIgniter4

Vendor: CodeIgniter
Website: https://codeigniter.com/
Total Security Bulletins: 13

Security bulletins (13)

Secuity bulletin Severity Status Published
SB2026070756: Multiple vulnerabilities in CodeIgniter4 High
Patched
07.07.2026
SB2026052302: Arbitrary file upload in CodeIgniter4 High
Patched
23.05.2026
SB2026052301: OS Command Injection in CodeIgniter4 High
Patched
23.05.2026
SB2025011811: Interpretation Conflict in CodeIgniter4 Medium
Patched
18.01.2025
SB2024032959: Infinite loop in CodeIgniter4 Medium
Patched
29.03.2024
SB2023102738: Information Exposure Through an Error Message in CodeIgniter4 Medium
Patched
27.10.2023
SB2023052104: Input validation error in CodeIgniter4 High
Patched
21.05.2023
SB2022122233: Multiple vulnerabilities in CodeIgniter4 High
Patched
22.12.2022
SB2022100669: Improper Initialization in CodeIgniter4 Medium
Patched
06.10.2022
SB2022082538: Cross-site request forgery in CodeIgniter4 Low
Patched
25.08.2022
SB2022022608: Multiple vulnerabilities in CodeIgniter4 High
Patched
26.02.2022
SB2022012626: Cross-site scripting in Codeigniter4 Low
Patched
26.01.2022
SB2022010433: Deserialization of Untrusted Data in CodeIgniter4 Medium
Patched
04.01.2022