Symfony Twig
2 CVEs affecting Symfony Twig. Latest disclosed: 2026-05-20. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-24425 | High | 8.8 | 2026-05-20 | Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template ren… |
CVE-2015-7809 | | 2015-11-06 | The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via t… |