CVE-2026-45754
MEDIUM SEVERITYVulnerability Description
Symfony's Mailjet Mailer Webhook Parser Never Verifies the Configured Secret — Unauthenticated Webhook Event Injection
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
composer
Product
symfony/lox24-notifier
External References
- https://github.com/symfony/symfony/security/advisories/GHSA-64hg-93w9-fc35
- https://github.com/symfony/symfony/commit/4aaa45dd054f73445f1ab254968b7e60b546cc77
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/lox24-notifier/CVE-2026-45754.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/mailjet-mailer/CVE-2026-45754.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-45754.yaml
- https://symfony.com/cve-2026-45754
- https://github.com/advisories/GHSA-64hg-93w9-fc35
Discussion (0)
Add Comment
No comments yet. Be the first!