Package impact
Packagist / verbb/formie
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45697 | critical | 9.8 | 9.8 | 17d ago | Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default value → Custom) that were evaluated as … | |||
| CVE-2026-47266 | unknown | — | — | 6d ago | formie's unauthenticated front-end submission editing can overwrite existing submissions |