CVE-2026-46723— Information Disclosure in extension "Faceted Search" (ke_search)
Possible ATT&CK Techniques 1AI
T1005 · Data from Local SystemAffected Version Matrix 3
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TYPO3 | Extension "Faceted Search" | 7.0.0< 7.0.1 | affected |
6.0.0< 6.6.1 | affected | ||
< 5.6.2 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-46723
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Information Disclosure in extension "Faceted Search" (ke_search)
Source: NVD (National Vulnerability Database)
Vulnerability Description
The additional_tables configuration of the page and tt_content indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
将资源暴露给错误范围
Source: NVD (National Vulnerability Database)
Vulnerability Title
TYPO3 Extension Faceted Search 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TYPO3 Extension Faceted Search是TYPO3开源的一个TYPO3分面搜索扩展。 TYPO3 Extension Faceted Search存在安全漏洞,该漏洞源于页面和tt_content索引器的additional_tables配置接受任意表和字段名,可能导致具有编辑索引器配置权限的后端用户将内部TYPO3表中的敏感数据复制到搜索索引。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| TYPO3 | Extension "Faceted Search" | 7.0.0 ~ 7.0.1 | - |
II. Public POCs for CVE-2026-46723
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-46723
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-46723 (1)
Same Patch Batch · TYPO3 · 2026-05-19 · 8 CVEs total
| CVE-2026-46722 | XML External Entity Injection in extension "Faceted Search" (ke_search) | |
| CVE-2026-46725 | Remote Code Execution in extension "Content Element Selector" (ceselector) | |
| CVE-2026-46721 | Broken Access Control in extension "Frontend User Registration" (sf_register) | |
| CVE-2026-46724 | Path Traversal in extension "Faceted Search" (ke_search) | |
| CVE-2026-8726 | SQL Injection in extension "News system" (news) | |
| CVE-2026-8727 | Remote Code Execution in extension "Site Crawler" (crawler) | |
| CVE-2026-8827 | SQL Injection in extension "Address List" (tt_address) |
IV. Related Vulnerabilities
Same vendor: TYPO3
- CVE-2026-46725
Remote Code Execution in extension "Content Element Selector - CVE-2026-8827
SQL Injection in extension "Address List" (tt_address) - CVE-2026-46724
Path Traversal in extension "Faceted Search" (ke_search) - CVE-2026-46722
XML External Entity Injection in extension "Faceted Search" - CVE-2026-8726
SQL Injection in extension "News system" (news)
Same weakness: CWE-668
- CVE-2026-44552
Open WebUI: Redis Cache Keys tool_servers and terminal_serve - CVE-2026-45411
vm2: Sandbox Breakout Using Async Generator - CVE-2026-44009
vm2: Sandbox Breakout Through Null Proto Exception - CVE-2026-44008
vm2: Snabox breakout via `neutralizeArraySpeciesBatch` - CVE-2026-41368
OpenClaw < 2026.3.28 - Environment Variable Disclosure via j
V. Comments for CVE-2026-46723
No comments yet