VYPR
Vendor

Packagist

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2026-48500Jun 22, 2026
    risk 0.00cvss epss 0.00

    Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.52, 4.11.5, and 5.6.5, any schema can contain a file upload form field, so Filament applies Livewire's WithFileUploads trait to the Livewire component the schema is…

  • CVE-2026-56384Jun 21, 2026
    risk 0.00cvss epss 0.00

    Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a target private asset can call the endpoint with an attacker-controlled assetId and receive preview HTML containing a signed fallback…

  • CVE-2026-56382Jun 21, 2026
    risk 0.00cvss epss 0.00

    Craft CMS (composer package craftcms/cms) versions >= 5.5.0 and <= 5.9.13 contain a remote code execution vulnerability in the FieldsController::actionRenderCardPreview() method, which passes the fieldLayoutConfig POST parameter directly to Fields::createLayout() without calling…