Package impact
Packagist / shopper/framework
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-47744 | critical | 9.9 | 9.9 | 8d ago | Shopper: Authorization bypass and RBAC privilege escalation in team settings | |||
| CVE-2026-47745 | medium | 6.5 | 6.5 | 8d ago | Shopper: Missing per-action authorization on PaymentMethods, Currencies and Carriers admin tables | |||
| CVE-2026-47742 | medium | 6.5 | 6.5 | 8d ago | Shopper: Missing authorization on Product admin Livewire sub-form components | |||
| CVE-2026-47743 | unknown | — | — | 20h ago | Shopper: Multiple data integrity and disclosure issues in admin Livewire components |