Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CVE-2026-49740— TYPO3 CMS - Insecure Deserialization in Core API

AI Predicted 7.5 Difficulty: Moderate EPSS 0.59% · P43

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 5

VendorProductVersion RangeStatus
TYPO3TYPO3 CMS< 10.4.57affected
11.0.0< 11.5.51affected
12.0.0< 12.4.46affected
13.0.0< 13.4.31affected
14.0.0< 14.3.3affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-49740

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
TYPO3 CMS - Insecure Deserialization in Core API
Source: NVD (National Vulnerability Database)
Vulnerability Description
TYPO3's cache frontend (VariableFrontend) and persistent key-value store (Registry) deserialized PHP payloads without integrity validation or class restrictions. An attacker with write access to the underlying storage backend (cache store or sys_registry database table) could inject a crafted serialized payload to trigger PHP Object Injection, potentially exploiting a gadget chain to achieve Remote Code Execution or other high-impact effects. Exploiting this vulnerability requires direct local write access to the storage, such as the SQL database or file system. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
可信数据的反序列化
Source: NVD (National Vulnerability Database)
Vulnerability Title
TYPO3 CMS 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TYPO3 CMS是TYPO3开源的一个内容管理系统。 TYPO3 CMS 10.4.57之前版本、11.0.0至11.5.51版本、12.0.0至12.4.46版本、13.0.0至13.4.31版本和14.0.0至14.3.3版本存在代码问题漏洞,该漏洞源于缓存前端和持久键值存储反序列化PHP有效载荷时未进行完整性验证或类限制,具有底层存储后端写入权限的攻击者可以注入特制的序列化有效载荷,触发PHP对象注入,可能利用小工具链实现远程代码执行或其他高影响效果。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
TYPO3TYPO3 CMS 0 ~ 10.4.57 -

II. Public POCs for CVE-2026-49740

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-49740

登录查看更多情报信息。

Vendor Advisories for CVE-2026-49740 (1)

Same Patch Batch · TYPO3 · 2026-06-09 · 13 CVEs total

CVE-2026-47347TYPO3 CMS - Open Redirect in Core Utilities
CVE-2026-47349TYPO3 CMS - Broken Access Control in Recycler
CVE-2026-47350TYPO3 CMS - Broken Access Control in DataHandler
CVE-2026-47348TYPO3 CMS - Cross-Site Scripting in Indexed Search
CVE-2026-47352TYPO3 CMS - Broken Access Control in Backend API
CVE-2026-47346TYPO3 CMS - Broken Access Control in Form Framework
CVE-2026-47351TYPO3 CMS - Broken Access Control in Clipboard
CVE-2026-47343TYPO3 CMS - Destructive Actions on File Mount Folders
CVE-2026-11607TYPO3 CMS - Broken Access Control in Form Framework
CVE-2026-49742TYPO3 CMS - Broken Access Control in Media Module
CVE-2026-49738TYPO3 CMS - Broken Access Control in File Abstraction Layer
CVE-2026-49741TYPO3 CMS - Privilege Escalation & SQL Injection in Form Framework

IV. Related Vulnerabilities

Same product: TYPO3 CMS
Same vendor: TYPO3
Same weakness: CWE-502

V. Comments for CVE-2026-49740

No comments yet

Leave a comment