πŸ” CVE Alert

CVE-2026-47351

UNKNOWN 0.0

TYPO3 CMS - Broken Access Control in Clipboard

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
11th

Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information about records and files they were not authorized to view. This issue affects TYPO3 CMS versions 10.4.0-13.4.30 and 14.0.0-14.3.2.

CWE CWE-862 CWE-200
Vendor typo3
Product typo3 cms
Published Jun 9, 2026
Last Updated Jun 9, 2026
Stay Ahead of the Next One

Get instant alerts for typo3 typo3 cms

Be the first to know when new unknown vulnerabilities affecting typo3 typo3 cms are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

Affected Versions

TYPO3 / TYPO3 CMS
10.4.0 < 13.4.31 14.0.0 < 14.3.3

References

NVD β†— CVE.org β†— EPSS Data β†—
typo3.org: https://typo3.org/security/advisory/typo3-core-sa-2026-014 github.com: https://github.com/TYPO3/typo3/commit/932fbb9fcea25094e8bcc0f0ec5aab56b1d92451 github.com: https://github.com/TYPO3/typo3/commit/2740707563343d78184c0b7c6303a7484553d7f3

Credits

πŸ” Vincent Yang Elias HΓ€ußler