CVE-2026-56701 | Grav up to 2.0.0-beta.1 SVG File xml external entity reference (GHSA-3446-6mgw-f79p)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability described as problematic has been identified in Grav up to 2.0.0-beta.1. This affects an unknown part of the component SVG File Handler. Such manipulation leads to xml external entity reference.

This vulnerability is uniquely identified as CVE-2026-56701. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-56701 | Grav up to 2.0.0-beta.1 SVG File xml external entity reference (GHSA-3446-6mgw-f79p)

Post correlati

CVE-2024-2068 | SourceCodester Computer Inventory System 1.0 update-computer.php model cross site scripting

CVE-2024-1341 | Advanced iFrame Plugin up to 2024.1 on WordPress cross site scripting

CVE-2026-40338 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_Sony_DPD out-of-bounds (GHSA-2hwp-w84q-27hf)

CVE-2024-2410 | protocolbuffers protobuf up to 4.24.x JsonToBinaryStream use after free