Known Vulnerabilities for products from Laravel
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Laravel".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-48811 json | Not Provided | 2026-05-29 | 2026-06-01 | |
| CVE-2026-48810 json | Not Provided | 2026-05-29 | 2026-06-01 | |
| CVE-2026-48557 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-48555 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-47123 json | Not Provided | 2026-05-29 | 2026-06-02 | |
| CVE-2026-45660 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-45294 json | Not Provided | 2026-05-29 | 2026-06-02 | |
| CVE-2026-44306 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-44262 json | Not Provided | 2026-05-12 | 2026-05-13 | |
| CVE-2026-41906 json | Not Provided | 2026-05-07 | 2026-05-08 | |
| CVE-2026-39976 json | Laravel Passport provides OAuth2 server support to Laravel. From 13.0.0 to before 13.7.1, there is an Authentication Bypass f... | Not Provided | 2026-04-09 | 2026-06-02 |
| CVE-2022-40482 json | The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via ti... | 5.3 - MEDIUM | 2023-04-25 | 2023-05-04 |
| CVE-2022-34943 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-08-03 | 2023-11-07 |
| CVE-2022-31279 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-06-07 | 2023-11-07 |
| CVE-2022-30779 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-05-16 | 2023-11-07 |
| CVE-2022-30778 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-05-16 | 2023-11-07 |
| CVE-2022-25838 json | Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP"... | 8.1 - HIGH | 2022-02-24 | 2022-03-08 |
| CVE-2022-2886 json | A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulatio... | 8.8 - HIGH | 2022-08-19 | 2022-08-22 |
| CVE-2022-2870 json | A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manip... | 9.8 - CRITICAL | 2022-08-17 | 2022-08-19 |
| CVE-2021-43808 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2021-12-08 | 2022-08-09 |