QSearchQSearch

CVE-2026-45701

Sulu is an open-source PHP content management system based on the Symfony framework

Published: 2026-06-01 · Last updated: 2026-06-01

Severity and scoring

CWE
CWE-327

Description

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-9261 Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier (6.8 MEDIUM)
  • CVE-2026-50086 The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against the platform's signing key without authent... (10.0 CRITICAL)
  • CVE-2026-40996 Wss4jSecurityInterceptor defaulted allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J's safer default for validation Reques... (4.8 MEDIUM)
  • CVE-2025-10237 During an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could... (6.7 MEDIUM)
  • CVE-2026-11481 A vulnerability was determined in yoanbernabeu grepai up to 0.35.0 (2.5 LOW)