VIR Vulnerability Intelligence Relay

Package impact

php Packagist / twig/twig

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-46633 critical 9.5 8d ago Twig: PHP code injection via `{% use %}` template name debianphp
CVE-2026-46628 low 2.5 8d ago Twig: The `spaceless` filter implicitly marks its output as safe debianphp
CVE-2026-46635 low 2.5 8d ago Twig: Sandbox property allowlist bypass via the `column` filter (array_column on objects) debianphp