CYBERHAWK / CVE / CVE-2026-48557

CVE-2026-48557

Spatie Laravel Media Library

HIGH CVSS 8.8 vibe

The flaw

File upload restriction bypass allows uploading malicious files with double extensions like shell.php.jpg.

Update to version 11.23.0 or later

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-05 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits