{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-46639/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["twig/twig (\u003e= 3.24.0, \u003c 3.26.0)"],"_cs_severities":["high"],"_cs_tags":["twig","sandbox-bypass","cve-2026-46639"],"_cs_type":"advisory","_cs_vendors":["Twig"],"content_html":"\u003cp\u003eTwig versions 3.24.0 to 3.26.0 contain a sandbox bypass vulnerability (CVE-2026-46639) due to the object-destructuring assignment syntax introduced in version 3.24.0. This syntax generates a call to \u003ccode\u003eCoreExtension::getAttribute()\u003c/code\u003e with the \u003ccode\u003e$sandboxed\u003c/code\u003e argument hardcoded to \u003ccode\u003efalse\u003c/code\u003e, effectively disabling property and method policy checks. An attacker with write access to a sandboxed Twig template can exploit this to read any public property or invoke any public getter on objects passed to the template engine, bypassing the intended \u003ccode\u003eSecurityPolicy\u003c/code\u003e restrictions. The exploit requires only the \u003ccode\u003e{% do %}\u003c/code\u003e tag to be in \u003ccode\u003eallowedTags\u003c/code\u003e, a common configuration in many Twig deployments. This bypass allows attackers to potentially gain sensitive information or execute arbitrary code depending on the objects passed to the template.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains write access to a Twig template file within a sandboxed environment.\u003c/li\u003e\n\u003cli\u003eThe attacker injects a Twig template containing an object-destructuring assignment expression, such as \u003ccode\u003e{% set { foo, bar } = my_object %}\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe Twig template engine parses and compiles the modified template.\u003c/li\u003e\n\u003cli\u003eDuring compilation, the \u003ccode\u003eObjectDestructuringSetBinary::compile()\u003c/code\u003e function is invoked.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eObjectDestructuringSetBinary::compile()\u003c/code\u003e generates a call to \u003ccode\u003eCoreExtension::getAttribute()\u003c/code\u003e with the \u003ccode\u003e$sandboxed\u003c/code\u003e argument set to \u003ccode\u003efalse\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eWhen the template is rendered, the \u003ccode\u003egetAttribute()\u003c/code\u003e function is executed without enforcing the sandbox\u0026rsquo;s property and method access restrictions.\u003c/li\u003e\n\u003cli\u003eThe attacker is able to read public properties and invoke public getters of \u003ccode\u003emy_object\u003c/code\u003e that would normally be blocked by the \u003ccode\u003eSecurityPolicy\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the ability to access sensitive data or trigger unintended behavior, potentially escalating privileges or gaining further access to the system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability (CVE-2026-46639) allows attackers to bypass the Twig sandbox, potentially leading to information disclosure or arbitrary code execution. The number of affected installations is unknown, but any Twig application using versions 3.24.0 to 3.26.0 with a sandboxed environment is vulnerable if an attacker can modify the template files. The primary impact is a loss of confidentiality and integrity within the application, as attackers can access sensitive data or modify application behavior.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Twig version 3.26.0 or later to patch CVE-2026-46639.\u003c/li\u003e\n\u003cli\u003eImplement strict access controls to prevent unauthorized modification of Twig template files.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Twig Sandbox Bypass via getAttribute\u003c/code\u003e to detect exploitation attempts based on the vulnerable \u003ccode\u003egetAttribute()\u003c/code\u003e calls.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-21T21:32:33Z","date_published":"2026-05-21T21:32:33Z","id":"https://feed.craftedsignal.io/briefs/2026-05-twig-sandbox-bypass/","summary":"A vulnerability in Twig versions 3.24.0 to 3.26.0 (CVE-2026-46639) allows an attacker with write access to a sandboxed Twig template to bypass security policy restrictions by exploiting object-destructuring assignment to read any public property or invoke any public getter on objects passed to the template engine.","title":"Twig Sandbox Bypass via Object Destructuring Assignment (CVE-2026-46639)","url":"https://feed.craftedsignal.io/briefs/2026-05-twig-sandbox-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-46639","version":"https://jsonfeed.org/version/1.1"}