CVE-2026-44738: Grav CMS Twig Sandbox Information Disclosure via Config::toArray()

DEV Community·CVE Reports·19 days ago

Vulnerability ID: CVE-2026-44738
CVSS Score: 7.7
Published: 2026-05-13

An information disclosure vulnerability in the Grav CMS file-based web platform allows authenticated users with the admin.pages role to bypass Twig sandbox restrictions. By invoking the config.toArray() method, attackers can expose complete system configurations, including highly sensitive SMTP passwords, API tokens, and cloud service credentials.

TL;DR: Authenticated Grav CMS users with page-editing privileges can inject a specific Twig template payload to bypass the security sandbox. This action dumps the entire site configuration, exposing critical secrets such as AWS keys and OAuth client secrets to the attacker.…
