Laravel

A vulnerability in Laravel allows an attacker to bypass the security policy; specifically, laravel/framework versions 12.x before 12.60.0 and 13.x before 13.10.0 are affected (CVE-2026-48019).

An authenticated Sharp user with view access to at least one valid Sharp entity instance can download unrelated files from configured Laravel Storage disks by manipulating the `disk` and `path` parameters in the generic download endpoint, potentially exposing sensitive data like backups and internal documents; this vulnerability is tracked as CVE-2026-44692.

Laravel Passport versions 13.0.0 before 13.7.1 contain an authentication bypass vulnerability (CVE-2026-39976) where machine-to-machine tokens can authenticate as a real user due to improper validation of the JWT sub claim.

A path traversal vulnerability exists in Sharp CMS versions prior to 9.20.0 due to improper sanitization of file extensions, potentially allowing attackers to bypass security restrictions and access sensitive files.

The code16/sharp Laravel admin panel package contains a vulnerability in its file upload endpoint that allows authenticated users to bypass all file type restrictions by manipulating the validation_rule parameter, potentially leading to Remote Code Execution (RCE) if the storage disk is configured to be publicly accessible.