CVE-2026-4809

{"id": "CVE-2026-4809", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-4809", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "yes"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T13:41:20.442496Z"}}], "cvssMetricV2": [{"type": "Secondary", "source": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c", "affectedData": [{"vendor": "plank", "product": "laravel-mediable", "versions": [{"status": "affected", "version": "<= 6.4.0"}], "defaultStatus": "unaffected"}]}], "published": "2026-03-26T11:16:21.440", "references": [{"url": "https://github.com/plank/laravel-mediable", "source": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c"}, {"url": "https://github.com/plank/laravel-mediable/releases/tag/6.4.0", "source": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while declaring a benign image MIME type, resulting in arbitrary file upload. If the uploaded file is stored in a web-accessible and executable location, this may lead to remote code execution. At the time of publication, no patch was available and the vendor had not responded to coordinated disclosure attempts."}, {"lang": "es", "value": "plank/laravel-mediable hasta la versi\u00f3n 6.4.0 puede permitir la carga de un tipo de archivo peligroso cuando una aplicaci\u00f3n que utiliza el paquete acepta o prefiere un tipo MIME proporcionado por el cliente durante el manejo de la carga de archivos. En esa configuraci\u00f3n, un atacante remoto puede enviar un archivo que contiene c\u00f3digo PHP ejecutable mientras declara un tipo MIME de imagen benigno, lo que resulta en la carga arbitraria de archivos. Si el archivo cargado se almacena en una ubicaci\u00f3n accesible por la web y ejecutable, esto puede conducir a la ejecuci\u00f3n remota de c\u00f3digo. En el momento de la publicaci\u00f3n, no hab\u00eda ning\u00fan parche disponible y el proveedor no hab\u00eda respondido a los intentos de divulgaci\u00f3n coordinada."}], "lastModified": "2026-06-17T10:57:16.013", "sourceIdentifier": "309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c"}