高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
公開POCは見つかりませんでした。
ログインしてAI POCを生成| CVE-2026-45133 | Symfony: [Yaml] Harden the parser when handling untrusted input | |
| CVE-2026-46644 | symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload decodes to ASCII-only | |
| CVE-2026-48761 | Symfony: HtmlSanitizer UrlAttributeSanitizer Misses URL Attributes on <object>, <applet>, | |
| CVE-2026-48736 | Symfony: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-c | |
| CVE-2026-48747 | Symfony: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signatu | |
| CVE-2026-48760 | Symfony: HtmlSanitizer URL Parser Deny Gates Underinclusive: Percent-Encoded BiDi Marks an | |
| CVE-2026-48489 | Symfony: Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access t | |
| CVE-2026-48784 | Symfony: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Gener | |
| CVE-2026-47212 | Symfony: Twilio Notifier Webhook Parser Never Verifies the X-Twilio-Signature HMAC: Unauth | |
| CVE-2026-45068 | Symfony: Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address | |
| CVE-2026-45071 | Symfony: XXE (Local File Disclosure) in DomCrawler::addXmlContent() via validateOnParse = | |
| CVE-2026-47767 | Symfony: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/AP | |
| CVE-2026-45075 | Symfony: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureVali | |
| CVE-2026-45304 | Symfony: YAML Parser Exponential Memory Allocation via Recursive Collection-Alias Expansio | |
| CVE-2026-45063 | Symfony: Identity Spoofing via Unanchored DN Regex in X509Authenticator | |
| CVE-2026-45756 | Symfony: JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Wi | |
| CVE-2026-45754 | Symfony: Mailjet Mailer Webhook Parser Never Verifies the Configured Secret — Unauthentica | |
| CVE-2026-45069 | Symfony: OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims | |
| CVE-2026-45753 | Symfony: HtmlSanitizer UrlAttributeSanitizer Omits action/formaction/poster/cite — javascr | |
| CVE-2026-45072 | Symfony: Stored XSS in WebProfiler CodeExtension::fileExcerpt() — Unescaped Non-PHP File R |
Showing 20 of 30 CVEs. View all on vendor page →
まだコメントはありません