CVE-2026-48489
HIGH SEVERITYVulnerability Description
Symfony: Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access to access_control-Protected GET Routes
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
composer
Product
symfony/security-http
External References
- https://github.com/symfony/symfony/security/advisories/GHSA-6h46-9jf5-q59x
- https://github.com/symfony/symfony/commit/c48a4276309e11aedeeb0ce3a89dfbf0b4fe04ff
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2026-48489.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-48489.yaml
- https://symfony.com/cve-2026-48489
- https://github.com/advisories/GHSA-6h46-9jf5-q59x
Discussion (0)
Add Comment
No comments yet. Be the first!