Craftercms Craftercms

6 CVEs affecting Craftercms Craftercms. Latest disclosed: 2026-02-02. Critical: 2, High: 1.

Top CVEs affecting Craftercms Craftercms
CVESeverityScorePublishedSummary
CVE-2025-6384Critical9.12025-06-19Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via…
CVE-2025-0502Critical9.12025-01-15Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Dire…
CVE-2023-4136High7.42023-08-03Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64…
CVE-2023-26020Medium5.72023-02-17Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit…
CVE-2023-33194Low3.72023-05-26Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message…
CVE-2026-17702026-02-02Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands vi…