CVE-2026-49981: CWE-693: Protection Mechanism Failure in twigphp Twig
Twig, a PHP template language, has a protection mechanism failure vulnerability prior to version 3.27.0. The issue involves the caching of per-template allow-list verdicts for filters, tags, and…
Read the full article2d agoen
You might also wanna read
Twig Template Engine Vulnerability Allows Sandbox Policy Bypass
A critical vulnerability in Twig versions 3.9.0 through 3.25.0 allows sandboxed templates to bypass security policy enforcement.
Xploitwire·8h ago
Critical PHP Injection Vulnerability Patched in Twig Template Engine
A critical vulnerability in Twig versions prior to 3.26.0 allows attackers to inject arbitrary PHP code via crafted template names in {% use
Xploitwire·8h ago

WAF - WAF Release - 2025-10-13
This week’s highlights include a new JinJava rule targeting a sandbox-bypass flaw that could allow malicious template input to escape execut
Cloudflare·9mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.