NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-47266

Summary	Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. This vulnerability is fixed in 2.2.21 and 3.1.26.
Publication Date	May 30, 2026, 5:16 a.m.
Registration Date	May 31, 2026, 4:15 a.m.
Last Update	May 30, 2026, 5:21 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/verbb/formie/releases/tag/2.2.21	security-advisories@github.com
2	https://github.com/verbb/formie/releases/tag/3.1.26	security-advisories@github.com
3	https://github.com/verbb/formie/security/advisories/GHSA-pgxq-p76c-x9cg	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-639	ユーザ制御の鍵による認証回避	https://cwe.mitre.org/data/definitions/639.html