CVE Watchtower

CVE-2026-47351NVD

Vulnerability Summary

Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information about records and files they were not authorized to view. This issue affects TYPO3 CMS versions 10.4.0-13.4.30 and 14.0.0-14.3.2.

Severity Level

UNKNOWN

Published Date

Jun 9, 2026

Last Modified

Jun 11, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.04%Probability

Root Weakness (CWE)

N/A

External References

https://typo3.org/security/advisory/typo3-core-sa-2026-014
https://github.com/TYPO3/typo3/commit/932fbb9fcea25094e8bcc0f0ec5aab56b1d92451
https://github.com/TYPO3/typo3/commit/2740707563343d78184c0b7c6303a7484553d7f3