CVE-2026-48557

EPSS 0.44%
Veröffentlicht 29.05.2026 19:49:15
Zuletzt bearbeitet 29.05.2026 20:21:38
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Spatie Laravel Media Library < 11.23.0 File Upload Restriction Bypass via FileAdder.php

Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer(). The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo() preserving inner .php stems in saved filenames. The blocklist also omits executable extensions including .php6, .shtml, and .htaccess. The double-extension bypass requires a legacy Apache AddHandler configuration to achieve PHP execution; the incomplete blocklist bypass does not.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellerspatie

≫

Produkt laravel-medialibrary

Default Statusaffected

Version 0

Version < 11.23.0

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.44%	0.349

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	8.7	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-184 Incomplete List of Disallowed Inputs

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.

https://github.com/spatie/laravel-medialibrary/releases/tag/11.23.0

https://github.com/spatie/laravel-medialibrary/pull/3939

https://github.com/spatie/laravel-medialibrary/commit/608ea03703d3887c46434f5dda6af56de6346aba

https://www.vulncheck.com/advisories/spatie-laravel-media-library-file-upload-restriction-bypass-via-fileadder-php

https://nvd.nist.gov/vuln/detail/CVE-2026-48557

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-48557

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-48557

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-48557