statamic/cms Security Advisories for v6.7.3 (2)
-
[MEDIUM] Statamic CMS vulnerable to email enumeration via forgot password endpoint
PKSA-ynr1-y6st-8cwm CVE-2026-44306 GHSA-m24v-f7g5-gq67
Affected version: >=6.0.0,<6.15.0|<5.73.21
Reported by:
GitHub -
[HIGH] Statamic: Unsafe method invocation via query value resolution allows data destruction
PKSA-yx2m-bjk3-fnky CVE-2026-41175 GHSA-4jjr-vmv7-wh4w
Affected version: >=6.0.0-alpha.1,<6.13.0|<5.73.20
Reported by:
GitHub