github.com
Craft CMS Vulnerability CVE-2026-55794 Allows Authenticated RCE via HTTP Referrer
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Craft CMS versions 5.9.0 and above prior to 5.10.0 are vulnerable to authenticated remote code execution (RCE) due to a flaw in how the control panel processes the HTTP Referrer header. Users with edit permissions can execute unsandboxed Twig code when saving entries, as the signed redirect URL is compiled as a Twig template without using a sandboxed alternative. This vulnerability has been assigned CVE-2026-55794 and was published on July 1, 2026. The issue has been addressed in Craft CMS version 5.10.0, and affected users are advised to update to this version or higher to mitigate the risk.
Key Points: • CVE-2026-55794 affects Craft CMS versions 5.9.0 to 5.9.9. • Authenticated users can exploit the vulnerability via the HTTP Referrer header. • The issue has been fixed in Craft CMS version 5.10.0.