CVE-2026-48806: Sandbox `__toString()` policy bypass via dynamic mapping keys
CVE-2026-48806: Sandbox `__toString()` policy bypass via dynamic mapping keys
Affected versions Twig versions <=3.26.0 are affected by this security issue. The issue has been fixed in Twig 3.27.0. Description This is a residual bypass of CVE-2026-47732 / GHSA-pr2w-4gpj-cpq4 left after the initial fix for unguarded __toString()…
Soutenez Symfony Blog en consultant la ressource originale
Lire l'article originalVous aimez découvrir ces sources ?
Soutenez-moi sur Patreon
