Known Vulnerabilities for products from Statamic
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Statamic".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49288 json | Not Provided | 2026-06-19 | 2026-06-22 | |
| CVE-2026-49287 json | Not Provided | 2026-06-19 | 2026-06-22 | |
| CVE-2026-45660 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-44306 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-41175 json | Not Provided | 2026-04-22 | 2026-04-23 | |
| CVE-2026-33887 json | Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, authenticated Con... | Not Provided | 2026-03-27 | 2026-04-08 |
| CVE-2026-33886 json | Not Provided | 2026-03-27 | 2026-03-31 | |
| CVE-2026-33885 json | Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, the external URL ... | Not Provided | 2026-03-27 | 2026-04-08 |
| CVE-2026-33884 json | Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, an authenticated ... | Not Provided | 2026-03-27 | 2026-04-08 |
| CVE-2026-33883 json | Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, the `user:reset_p... | Not Provided | 2026-03-27 | 2026-04-08 |
| CVE-2026-33882 json | Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, the markdown prev... | Not Provided | 2026-03-27 | 2026-04-08 |
| CVE-2026-27196 json | Statmatic is a Laravel and Git powered content management system (CMS). Versions 5.73.8 and below in addition to 6.0.0-alpha.... | Not Provided | 2026-02-21 | 2026-03-30 |
| CVE-2023-48701 json | 6.1 - MEDIUM | 2023-11-21 | 2023-11-30 | |
| CVE-2023-47129 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-11-10 | 2023-11-17 |
| CVE-2023-36828 json | Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sa... | 5.4 - MEDIUM | 2023-07-05 | 2023-07-12 |
| CVE-2022-24784 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 3.7 - LOW | 2022-03-25 | 2023-06-30 |
| CVE-2021-45364 json | ** DISPUTED ** A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the... | 9.8 - CRITICAL | 2022-02-10 | 2023-11-07 |
| CVE-2018-19598 json | Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request. | 4.8 - MEDIUM | 2018-12-19 | 2019-02-26 |
| CVE-2017-11422 json | Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are cal... | Not Provided | 2017-07-24 | 2025-04-20 |
Known software with vulnerabilities from Statamic
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Statamic | Statamic | 2.0.0 |