CyberRota
← Ana sayfaya dön

CVE-2026-48067

MEDIUM · CVSS 6.5 EPSS %0.18 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-22T22:16:46.480 · Çekilme zamanı: 2026-06-30T18:29:41.579985+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-48067
Severity
MEDIUM
CVSS
6.5
EPSS
%0.18

Orijinal NVD Açıklaması

Filament is a collection of full-stack components for accelerated Laravel development. From filament/actions 4.0.0 until 4.11.4 and 5.6.4 and from filament/tables 3.0.0 until 3.3.51, the recordSelectOptionsQuery() method may be used to scope the options available in the Select field for AttachAction and AssociateAction. However, the built-in validation rule for these fields did not apply the same scope. As a result, a user who can trigger these actions could tamper with the Livewire component's state and submit an out-of-scope value. This vulnerability is fixed in filament/actions 4.11.4 and 5.6.4 and filament/tables 3.3.51.