CVE-2026-44692
- EPSS 0.26%
- Veröffentlicht 10.06.2026 20:03:48
- Zuletzt bearbeitet 11.06.2026 15:31:25
Sharp is a content management framework built for Laravel as a package. Prior to version 9.22.0, Sharp exposes a generic download endpoint that authorizes access only to the supplied Sharp entity instance, but then reads the target storage disk and p...
CVE-2026-53634
- EPSS 0.21%
- Veröffentlicht 10.06.2026 20:03:33
- Zuletzt bearbeitet 11.06.2026 15:31:25
Sharp is a content management framework built for Laravel as a package. From version 9.0.0 to before version 9.22.3, the create and store endpoints of the Quick Creation Command feature did not enforce any authorization check. An authenticated Sharp ...
CVE-2026-33686
- EPSS 0.55%
- Veröffentlicht 26.03.2026 21:54:25
- Zuletzt bearbeitet 01.04.2026 12:26:41
Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 have a path traversal vulnerability in the FileUtil class. The application fails to sanitize file extensions properly, allowing path separators to be pa...
CVE-2026-33687
- EPSS 0.51%
- Veröffentlicht 26.03.2026 21:47:55
- Zuletzt bearbeitet 02.04.2026 17:22:02
Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 contain a vulnerability in the file upload endpoint that allows authenticated users to bypass all file type restrictions. The upload endpoint within the ...