TYPO3-CORE-SA-2026-019: Broken Access Control in Form Framework
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-018: Insecure Deserialization in Core API
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-017: Privilege Escalation & SQL Injection in Form Framework
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-016: Broken Access Control in File Abstraction Layer
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-015: Broken Access Control in Backend API
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-014: Broken Access Control in Clipboard
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-013: Broken Access Control in Media Module
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-012: Broken Access Control in DataHandler
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-011: Broken Access Control in Recycler
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-010: Cross-Site Scripting in Indexed Search
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-009: Open Redirect in TYPO3 CMS
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-008: Broken Access Control in Form Framework
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-007: Broken Access Control in File Abstraction Layer
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-006: By-passing Cross-Site Scripting Protection in HTML Sanitizer
It has been discovered that TYPO3 CMS is…
TYPO3-EXT-SA-2026-013: Remote Code Execution in extension "Content Element Selector" (ceselector)
It has been discovered that the extension "Content…
TYPO3-EXT-SA-2026-012: SQL Injection in extension "Address List" (tt_address)
It has been discovered that the extension "Address…
TYPO3-EXT-SA-2026-011: Multiple vulnerabilities in extension "Faceted Search" (ke_search)
It has been discovered that the extension "Faceted…
TYPO3-EXT-SA-2026-010: SQL Injection in extension "News system" (news)
It has been discovered that the extension "News…
TYPO3-EXT-SA-2026-009: Broken Access Control in extension "Frontend User Registration" (sf_register)
It has been discovered that the extension…
TYPO3-EXT-SA-2026-008: Remote Code Execution in extension "Site Crawler" (crawler)
It has been discovered that the extension "Site…
TYPO3-CORE-SA-2026-005: Cleartext storage of Backend User Passwords
It has been discovered that TYPO3 CMS is…
TYPO3-CORE-SA-2026-005: Cleartext storage of Backend User Passwords
It has been discovered that TYPO3 CMS is…
Announcing a Third Election Round for the TYPO3 Association Board
Since none of the remaining candidates achieved…
Vote Now! Budget 2026 Ideas for Round Two Have Been Published
The call for community budget ideas for the second…