VIR Vulnerability Intelligence Relay

Package impact

php Packagist / twig/twig

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-46633 critical 9.5 8d ago Twig: PHP code injection via `{% use %}` template name debianphp
CVE-2026-24425 high 8.8 8.8 8d ago Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PH… debianphp
CVE-2026-46640 high 8.0 8d ago Twig: Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation debianphp
CVE-2026-46639 high 8.0 8d ago Twig: Sandbox property and method bypass via object-destructuring assignment debianphp
CVE-2015-7809 medium 6.8 11y ago Twig remote code execution in templates php
CVE-2026-46634 medium 5.5 8d ago Twig: `template_from_string()` escapes a SourcePolicy-driven sandbox via synthesized template name debianphp
CVE-2026-46638 medium 5.5 8d ago Twig: `{% sandbox %}{% include %}` skips checkSecurity() on cached templates (incomplete fix for CVE-2024-45411) debianphp
CVE-2026-46628 low 2.5 8d ago Twig: The `spaceless` filter implicitly marks its output as safe debianphp
CVE-2026-46635 low 2.5 8d ago Twig: Sandbox property allowlist bypass via the `column` filter (array_column on objects) debianphp
CVE-2026-48807 unknown 13h ago Sandbox `__toString()` policy bypass via `Traversable` in `join`/`replace` and `in`/`not in` operators debianphp
CVE-2026-46636 unknown 13h ago Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders debianphp
CVE-2026-48806 unknown 13h ago Sandbox `__toString()` policy bypass via dynamic mapping keys debianphp
CVE-2026-48805 unknown 13h ago Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php` debianphp
CVE-2026-48808 unknown 13h ago Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface` debianphp
CVE-2026-47732 unknown 8d ago Sandbox: multiple `__toString()` policy bypasses via unguarded string coercion points debianphp
CVE-2026-46627 unknown 8d ago Sandbox does not protect against resource exhaustion debianphp
CVE-2026-47730 unknown 8d ago XSS in profiler HtmlDumper via unescaped template and profile names debianphp
CVE-2025-24374 unknown 1y ago Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0. debianphp
CVE-2024-51755 unknown 2y ago Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled debianphp
CVE-2024-51754 unknown 2y ago Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of … debianphp
CVE-2024-45411 unknown 2y ago Twig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability i… debianphp
CVE-2022-39261 unknown 4y ago Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an issue when the filesystem loader loads templates for which the name is a us… debianphp
CVE-2019-9942 unknown 4y ago Twig Sandbox Information Disclosure php
CVE-2022-23614 unknown 4y ago Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In… debianphp