CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2025-54068(3)	High	46.0%	LaravelLivewire	Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.	Mar 20, 2026	KEV
CVE-2018-15133	High	84.4%	LaravelLaravel Framework	Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).	Jan 16, 2024	KEV
CVE-2021-3129	High	94.3%	LaravelIgnition	Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().	Sep 18, 2023	KEV

CVE-2025-54068KEV

High

Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.

LaravelEPSS 46.0%

CVE-2018-15133KEV

High

Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).

LaravelEPSS 84.4%

CVE-2021-3129KEV

High

Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().

LaravelEPSS 94.3%