CVE-2026-25633 in Statamicinformation

Résumé

par MITRE • 11/02/2026

Statamic is a, Laravel + Git powered CMS designed for building websites. Prior to 5.73.6 and 6.2.5, users without permission to view assets are able are able to download them and view their metadata. Logged-out users and users without permission to access the control panel are unable to take advantage of this. This has been fixed in 5.73.6 and 6.2.5.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

GitHub M

Réserver

04/02/2026

Divulgation

11/02/2026

Modérer

accepté

Entrée

VDB-345649

CPE

prêt

CWE

CWE-862 (confirmé)

CVSS

4.3 (CNA)

EPSS

0.00014

KEV

non

Activités

très faible

Secteur

Lawfirm, Hostingprovider, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-25633
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-25633
CVE Details	https://www.cvedetails.com/cve/CVE-2026-25633/

◂ Précédent Aperçu Suivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!