CVE-2026-46643

CVE-2026-46643

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.1, on POSIX, escapeshellarg(‘/usr/bin/wkhtmltopdf’) returns the literal string ‘/usr/bin/wkhtmltopdf’ with the single-qu…

Vulnerability class: Command Injection (OS Command Injection)

Weakness classification (CWE)

References