Browse all 4 CVE security advisories affecting pontedilana. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-49359 | PhpWeasyPrint vulnerable to SSRF and local file disclosure via the attachment option — php-weasyprintCWE-918 | 6.5 | Medium | 2026-06-19 |
| CVE-2026-49286 | PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass) — php-weasyprintCWE-502 | 8.1 | High | 2026-06-19 |
| CVE-2026-49260 | PhpWeasyPrint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc) — php-weasyprintCWE-78 | 8.2 | High | 2026-06-19 |
| CVE-2026-49358 | PhpWeasyPrint vulnerable to arbitrary file deletion at shutdown via public $temporaryFiles — php-weasyprintCWE-73 | 3.0 | Low | 2026-06-19 |
This page lists every published CVE security advisory associated with pontedilana. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.