CVE-2026-45660 | Statamic CMS up to 5.73.21/6.18.0 URL Validation server-side request forgery (GHSA-pf9c-ch8r-2958)

A vulnerability identified as critical has been detected in Statamic CMS up to 5.73.21/6.18.0. Affected by this issue is some unknown functionality of the component URL Validation Handler. The manipulation leads to server-side request forgery.

This vulnerability is listed as CVE-2026-45660. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More