Security advisories for Statamic (statamic/cms), sorted by severity and CVSS score, with the affected version range of each:

| Severity | CVSS | Advisory | Affected versions |
|----------|------|----------|-------------------|
| CRITICAL | 9.3 | CVE-2026-27593: Statamic is vulnerable to account takeover via password reset link injection | < 5.73.10 |
| HIGH | 8.8 | CVE-2026-27939: Statamic allows authenticated Control Panel users to escalate privileges via elevated session bypass | >= 6.0.0, < 6.4.0 |
| HIGH | 8.8 | Statamic CMS vulnerable to remote code execution via form uploads | >= 4.0.0, < 4.34.0 |
| HIGH | 8.8 | Statamic framework Incorrect Permission Assignment | < 2.6.0 |
| HIGH | 8.7 | Statamic has Stored XSS via SVG Sanitization Bypass | >= 6.0.0-alpha.1, < 6.7.0 |
| HIGH | 8.7 | Statamic vulnerable to privilege escalation via stored cross-site scripting | < 5.73.11 |
| HIGH | 8.7 | Statamic CMS vulnerable to privilege escalation via stored cross-site scripting | >= 6.0.0, < 6.2.3 |
| HIGH | 8.3 | Statamic CMS remote code execution via front-end form uploads | >= 4.0.0, < 4.33.0 |
| HIGH | 8.2 | Statamic CMS vulnerable to account takeover via XSS and password reset link | >= 4.0.0, < 4.46.0 |
| HIGH | 8.1 | Statamic: Unsafe method invocation via query value resolution allows data destruction | < 5.73.20 |
| HIGH | 8.1 | Statamic affected by privilege escalation via stored cross-site scripting | >= 6.0.0-alpha.1, < 6.3.2 |
| HIGH | 8.0 | Statamic vulnerable to remote code execution via Antlers-enabled control panel inputs | < 5.73.16 |
| HIGH | 8.0 | Statamic Vulnerable to Superadmin Account Takeover via Stored Cross-Site Scripting and Lack of Proper X-CSRF-TOKEN Server-Side Validation | < 5.22.1 |
| HIGH | 7.5 | Cross-site Scripting via uploaded assets | < 3.4.15 |
| MEDIUM | 6.8 | Statamic Vulnerable to Server-Side Request Forgery via Glide | < 5.73.11 |
| MEDIUM | 6.5 | Statamic's sensitive configuration values are exposed to content editors via Antlers-enabled fields | >= 5.73.12, < 5.73.16 |
| MEDIUM | 6.5 | Statamic's Markdown preview endpoint exposes sensitive user data | < 5.73.16 |
| MEDIUM | 6.5 | Statamic's missing authorization allows access to email addresses | < 5.73.11 |
| MEDIUM | 6.1 | Statamic has an Open Redirect on unauthenticated endpoints via URL parsing differential | < 5.73.16 |
| MEDIUM | 6.1 | Statamic has Reflected XSS via unescaped redirect parameter in its password reset form tag | < 5.73.16 |
| MEDIUM | 5.5 | Statamic's Antlers sanitizer cannot effectively sanitize malicious SVG | < 4.10.0 |
| MEDIUM | 5.4 | Statamic CMS: Server-Side Request Forgery via Glide | < 5.73.22 |
| MEDIUM | 5.4 | Statamic allows unauthorized content access through missing authorization in its revision controllers | < 5.73.16 |
| MEDIUM | 5.4 | Statamic vulnerable to privilege escalation via stored cross-site scripting | >= 6.0.0, < 6.6.2 |
| MEDIUM | 5.3 | Statamic CMS vulnerable to email enumeration via forgot password endpoint | < 5.73.21 |
| MEDIUM | 5.3 | Statamic CMS has a Path Traversal in Asset Upload | < 5.17.0 |
| MEDIUM | 4.3 | Statamic's live preview token bypasses content protection for unrelated entries | < 5.73.16 |
| MEDIUM | 4.3 | Statamic is missing authorization check on taxonomy term creation via fieldtype | >= 6.0.0-alpha.1, < 6.7.0 |
| MEDIUM | 4.3 | Statamic has a path traversal in file dictionary fieldtype | >= 6.0.0-alpha.1, < 6.7.0 |
| MEDIUM | 4.3 | Statamic CMS's missing authorization allows access to assets | < 5.73.6 |
| LOW | 3.7 | Discoverability of user password hash in Statamic CMS | < 3.2.39 |
| LOW | 1.8 | Password confirmation stored in plain text via registration form in statamic/cms | >= 5.3.0, < 5.6.2 |

A range with no lower bound ("< 5.73.10") covers every release below the fixed version.
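The version ranges above are the only thing that tells you whether a given install is exposed, and several of them hinge on pre-release ordering (6.0.0-alpha.1 sorts below 6.0.0). The following is an added example, my own code rather than anything from Statamic or from this page: it parses ranges in the GitHub Advisory Database wording ("from 0, < X" and ">= X, < Y"), compares versions the way Composer orders them, reads the pinned statamic/cms version out of a composer.lock, and reports which advisories apply. The advisory subset embedded in the block is copied from the table; the composer.lock fragment and every function name are constructed for the example.

```python
import json
import operator
import re
from collections import namedtuple

Advisory = namedtuple("Advisory", "severity cvss title affected")

# Constructed subset of the advisory table above; ranges use the GitHub
# Advisory Database wording ("from 0, < X" means every version below X).
ADVISORIES = [
    Advisory("CRITICAL", 9.3, "CVE-2026-27593: account takeover via password reset link injection", "from 0, < 5.73.10"),
    Advisory("HIGH", 8.8, "CVE-2026-27939: privilege escalation via elevated session bypass", ">= 6.0.0, < 6.4.0"),
    Advisory("HIGH", 8.8, "Remote code execution via form uploads", ">= 4.0.0, < 4.34.0"),
    Advisory("HIGH", 8.7, "Stored XSS via SVG sanitization bypass", ">= 6.0.0-alpha.1, < 6.7.0"),
    Advisory("HIGH", 8.7, "Privilege escalation via stored cross-site scripting", "from 0, < 5.73.11"),
    Advisory("HIGH", 8.0, "Remote code execution via Antlers-enabled control panel inputs", "from 0, < 5.73.16"),
    Advisory("MEDIUM", 6.5, "Sensitive configuration values exposed via Antlers-enabled fields", ">= 5.73.12, < 5.73.16"),
    Advisory("MEDIUM", 5.4, "Server-Side Request Forgery via Glide", "from 0, < 5.73.22"),
]

_VERSION = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-([0-9A-Za-z.]+))?$")
_BOUND = re.compile(r"^(>=|<=|>|<|from)\s*(\S+)$")


def parse_version(text):
    """Turn '6.0.0-alpha.1' into a tuple that sorts the way Composer orders
    versions: numeric core first, and a pre-release below the matching release."""
    m = _VERSION.match(text.strip().lstrip("v"))
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    major, minor, patch, pre = m.groups()
    core = (int(major), int(minor), int(patch or 0))
    if pre is None:
        return core + ((1,),)  # final release: sorts after any pre-release of the same core
    # Numeric identifiers sort below alphanumeric ones, then alphabetically (alpha < beta < rc).
    parts = tuple((0, int(p)) if p.isdigit() else (1, p.lower()) for p in pre.split("."))
    return core + ((0, parts),)


def parse_range(spec):
    """Parse 'from 0, < 5.73.10' or '>= 6.0.0, < 6.4.0' into (operator, version) bounds."""
    bounds = []
    for clause in spec.split(","):
        m = _BOUND.match(clause.strip())
        if not m:
            raise ValueError(f"unparseable range clause: {clause!r}")
        op, ver = m.groups()
        if ver == "0":
            continue  # "from 0" / ">= 0": no lower bound at all
        bounds.append((">=" if op == "from" else op, parse_version(ver)))
    return bounds


_OPS = {">=": operator.ge, "<=": operator.le, ">": operator.gt, "<": operator.lt}


def in_range(version, bounds):
    """True when the parsed version satisfies every bound of the range."""
    return all(_OPS[op](version, limit) for op, limit in bounds)


def affected_by(version_text, advisories=ADVISORIES):
    """Advisories whose affected range contains the given installed version."""
    version = parse_version(version_text)
    return [adv for adv in advisories if in_range(version, parse_range(adv.affected))]


def installed_version(lock_text, package="statamic/cms"):
    """Read the pinned version of a package out of composer.lock JSON text."""
    lock = json.loads(lock_text)
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        if pkg.get("name") == package:
            return pkg["version"].lstrip("v")
    return None


# Constructed composer.lock fragment, not taken from any real project.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "laravel/framework", "version": "v11.30.0"},
        {"name": "statamic/cms", "version": "v5.73.9"},
    ]
})

if __name__ == "__main__":
    current = installed_version(SAMPLE_LOCK)
    for adv in affected_by(current):
        print(f"{current}: {adv.severity} {adv.cvss} {adv.title} (affected: {adv.affected})")
```

The pre-release handling is the part worth checking: 6.0.0-alpha.1 falls inside ">= 6.0.0-alpha.1, < 6.7.0" but outside ">= 6.0.0, < 6.4.0", so a plain string comparison would misclassify the alpha rows in the table. In a real project, `composer audit` (Composer 2.4 and later) performs this lookup for every installed package against Packagist's security advisory data; treat a match here as a triage aid and confirm against the full advisory, which can list more than one affected range.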