Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-0859
PUBLISHED
More InfoOfficial Page
Assigner-TYPO3
Assigner Org ID-f4fb688c-4412-4426-b4b8-421ecf27b14a
View Known Exploited Vulnerability (KEV) details
Published At-13 Jan, 2026 | 11:54
Updated At-13 Jan, 2026 | 14:12
Rejected At-
▼CVE Numbering Authority (CNA)
TYPO3 CMS Allows Insecure Deserialization via Mailer File Spool

TYPO3's mail‑file spool deserialization flaw lets local users with write access to the spool directory craft a malicious file that is deserialized during the mailer:spool:send command, enabling arbitrary PHP code execution on the web server. This issue affects TYPO3 CMS versions 10.0.0-10.4.54, 11.0.0-11.5.48, 12.0.0-12.4.40, 13.0.0-13.4.22 and 14.0.0-14.0.1.

Affected Products
Vendor
TYPO3 AssociationTYPO3
Product
TYPO3 CMS
Collection URL
https://packagist.org
Package Name
typo3/cms-core
Repo
https://github.com/TYPO3/typo3
Modules
  • Core
Default Status
unaffected
Versions
Affected
  • From 10.0.0 before 10.4.55 (semver)
  • From 11.0.0 before 11.5.49 (semver)
  • From 12.0.0 before 12.4.41 (semver)
  • From 13.0.0 before 13.4.23 (semver)
  • From 14.0.0 before 14.0.2 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-502CWE-502 Deserialization of Untrusted Data
Type: CWE
CWE ID: CWE-502
Description: CWE-502 Deserialization of Untrusted Data
Metrics
VersionBase scoreBase severityVector
4.05.2MEDIUM
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H
Version: 4.0
Base score: 5.2
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
Vitaly Simonovich
remediation developer
Elias Häußler
remediation developer
Oliver Hader
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://typo3.org/security/advisory/typo3-core-sa-2026-004
vendor-advisory
https://github.com/TYPO3/typo3/commit/3225d705080a1bde57a66689621c947da5a4782f
patch
https://github.com/TYPO3/typo3/commit/e0f0ceee480c203fbb60b87454f5f193e541d27f
patch
https://github.com/TYPO3/typo3/commit/722bf71c118b0a8e4f2c2494854437d846799a13
patch
Hyperlink: https://typo3.org/security/advisory/typo3-core-sa-2026-004
Resource:
vendor-advisory
Hyperlink: https://github.com/TYPO3/typo3/commit/3225d705080a1bde57a66689621c947da5a4782f
Resource:
patch
Hyperlink: https://github.com/TYPO3/typo3/commit/e0f0ceee480c203fbb60b87454f5f193e541d27f
Resource:
patch
Hyperlink: https://github.com/TYPO3/typo3/commit/722bf71c118b0a8e4f2c2494854437d846799a13
Resource:
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found