mautic/core Security Advisories for 6.0.6 (2)
-
[HIGH] Mautic is Vulnerable to SQL Injection through Contact Activity API Sorting
PKSA-frhs-vjy5-hffg CVE-2026-3105 GHSA-r5j5-q42h-fc93
Affected version: >=7.0.0-alpha,<7.0.1|>=6.0.0-alpha,<6.0.8|>=2.10.0,<5.2.10
Reported by:
GitHub -
[CRITICAL] Mautic user without privileged access to the Marketplace can install and uninstall composer packages
PKSA-j693-8gvk-sx7v CVE-2025-13828 GHSA-3fq7-c5m8-g86x
Affected version: >=6.0.0,<6.0.7|>=5.0.0,<5.2.9|>=4.0.0,<4.4.18
Reported by:
GitHub