CVE-2026-0859 | TYPO3 CMS up to 10.4.54/11.5.48/12.4.40/13.4.22/14.0.1 mail‑file Spool deserialization

A vulnerability classified as problematic was found in TYPO3 CMS up to 10.4.54/11.5.48/12.4.40/13.4.22/14.0.1. This issue affects some unknown processing of the component mail‑file Spool Handler. Executing a manipulation can lead to deserialization.

The identification of this vulnerability is CVE-2026-0859. The attack can only be executed locally. There is no exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More