CVE-2026-27939 | Statamic CMS up to 6.3.x improper authentication (GHSA-rw9x-pxqx-q789)

February 28, 2026 Yanac

A vulnerability was found in Statamic CMS up to 6.3.x and classified as critical. Impacted is an unknown function. Such manipulation leads to improper authentication.

This vulnerability is traded as CVE-2026-27939. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-28417 | vim up to 9.2.0072 URL cross site scripting (GHSA-m3xh-9434-g336)
CVE-2026-28425 | Statamic CMS up to 5.73.10/6.3.x code injection (GHSA-cpv7-q2wx-m8rw)