VYPR

Laravel Mediable

by Plank

CVEs (1)

  • CVE-2026-4809CriMar 26, 2026
    risk 0.64cvss 9.8epss 0.01

    plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing…