Known vulnerabilities in Pixel & Tonic, Inc. Craft CMS

Website: https://craftcms.com/
Total Security Bulletins: 56

Security bulletins (56)

Secuity bulletin Severity Status Published
SB2026061672: Multiple vulnerabilities in Craft CMS Medium
Patched
16.06.2026
SB2026061671: Cross-site scripting in Craft CMS Medium
Patched
16.06.2026
SB2026061670: Multiple vulnerabilities in Craft CMS Medium
Patched
16.06.2026
SB2026061669: Multiple vulnerabilities in Craft CMS Medium
Patched
16.06.2026
SB2026061668: Multiple vulnerabilities in Craft CMS Low
Patched
16.06.2026
SB2026061667: Improper access control in Craft CMS High
Patched
16.06.2026
SB2026061666: Multiple vulnerabilities in Craft CMS Medium
Patched
16.06.2026
SB2026060343: Multiple vulnerabilities in Craft CMS Medium
Patched Public exploit
03.06.2026
SB2026060342: Path traversal in Craft CMS Medium
Patched
03.06.2026
SB2026052955: Multiple vulnerabilities in Craft CMS Medium
Patched
29.05.2026
SB2026052953: Missing Authorization in Craft CMS Medium
Patched
29.05.2026
SB2026050445: Multiple vulnerabilities in Craft CMS Low
Patched
04.05.2026
SB20260417106: Multiple vulnerabilities in Craft CMS Low
Patched
17.04.2026
SB20260417105: Improper Neutralization of Special Elements Used in a Template Engine in Craft CMS Low
Patched
17.04.2026
SB20260417104: Improper access control in Craft CMS Low
Patched
17.04.2026
SB2026032462: Multiple vulnerabilities in Craft CMS Medium
Patched
24.03.2026
SB2026032461: Remote code execution in Craft CMS Medium
Patched
24.03.2026
SB2026021833: Multiple vulnerabilities in Craft CMS Medium
Patched Public exploit
18.02.2026
SB2026021831: Multiple vulnerabilities in Craft CMS Medium
Patched
18.02.2026
SB2026010560: Multiple vulnerabilities in Craft CMS High
Patched Public exploit
05.01.2026


Showing elements 1 - 20 out of 56