CVE-2026-56701 | Grav up to 2.0.0-beta.1 SVG File xml external entity reference (GHSA-3446-6mgw-f79p)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability described as problematic has been identified in Grav up to 2.0.0-beta.1. This affects an unknown part of the component SVG File Handler. Such manipulation leads to xml external entity reference.

This vulnerability is uniquely identified as CVE-2026-56701. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-56701 | Grav up to 2.0.0-beta.1 SVG File xml external entity reference (GHSA-3446-6mgw-f79p)

Post correlati

CVE-2026-34537 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 ICC Color Profile CIccOpDefEnvVar::Exec reliance on undefined, unspecified, or implementation-defined behavior (ID 670)

CVE-2024-49327 | Asep Bagja Priandana Woostagram Connect Plugin up to 1.0.2 on WordPress unrestricted upload

CVE-2026-5238 | itsourcecode Payroll Management System 1.0 Parameter /view_employee.php ID sql injection

CVE-2025-48891 | Advantech iView CUtils.checkSQLInjection sql injection (icsa-25-191-08)