Craftercms Craftercms
6 CVEs affecting Craftercms Craftercms. Latest disclosed: 2026-02-02. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-6384 | Critical | 9.1 | 2025-06-19 | Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via… |
CVE-2025-0502 | Critical | 9.1 | 2025-01-15 | Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Dire… |
CVE-2023-4136 | High | 7.4 | 2023-08-03 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64… |
CVE-2023-26020 | Medium | 5.7 | 2023-02-17 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit… |
CVE-2023-33194 | Low | 3.7 | 2023-05-26 | Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message… |
CVE-2026-1770 | | 2026-02-02 | Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands vi… |