Known Vulnerabilities for products from Laravel
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Laravel".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39384 json | Not Provided | 2026-04-07 | 2026-04-07 | |
| CVE-2026-35584 json | Not Provided | 2026-04-07 | 2026-04-07 | |
| CVE-2026-34456 json | Not Provided | 2026-04-01 | 2026-04-02 | |
| CVE-2026-34443 json | Not Provided | 2026-03-31 | 2026-04-01 | |
| CVE-2026-34442 json | Not Provided | 2026-03-31 | 2026-04-01 | |
| CVE-2026-33887 json | Not Provided | 2026-03-27 | 2026-03-30 | |
| CVE-2026-33886 json | Not Provided | 2026-03-27 | 2026-03-31 | |
| CVE-2026-33885 json | Not Provided | 2026-03-27 | 2026-03-31 | |
| CVE-2026-33884 json | Not Provided | 2026-03-27 | 2026-03-30 | |
| CVE-2026-33883 json | Not Provided | 2026-03-27 | 2026-03-30 | |
| CVE-2022-40482 json | The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via ti... | 5.3 - MEDIUM | 2023-04-25 | 2023-05-04 |
| CVE-2022-34943 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-08-03 | 2023-11-07 |
| CVE-2022-31279 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-06-07 | 2023-11-07 |
| CVE-2022-30779 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-05-16 | 2023-11-07 |
| CVE-2022-30778 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-05-16 | 2023-11-07 |
| CVE-2022-25838 json | Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP"... | 8.1 - HIGH | 2022-02-24 | 2022-03-08 |
| CVE-2022-2886 json | A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulatio... | 8.8 - HIGH | 2022-08-19 | 2022-08-22 |
| CVE-2022-2870 json | A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manip... | 9.8 - CRITICAL | 2022-08-17 | 2022-08-19 |
| CVE-2021-43808 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2021-12-08 | 2022-08-09 |
| CVE-2021-43617 json | Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validati... | 9.8 - CRITICAL | 2021-11-14 | 2021-11-18 |