CVE-2026-47352

EUVD-2026-35399
Authenticated backend users were able to retrieve file metadata via several Backend API routes without proper permission checks, allowing access to files outside their permitted file mounts or storages. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
TYPO3CNA
5.3 MEDIUM
NETWORK
LOW
LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
typo3typo3
𝑥
< 10.4.57
CNA
typo3typo3
11.0.0 ≤
𝑥
< 11.5.51
CNA
typo3typo3
12.0.0 ≤
𝑥
< 12.4.46
CNA
typo3typo3
13.0.0 ≤
𝑥
< 13.4.31
CNA
typo3typo3
14.0.0 ≤
𝑥
< 14.3.3
CNA
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://github.com/TYPO3/typo3/commit/17a3b7830d5931725db5fdab0cfc76d479884c96
https://github.com/TYPO3/typo3/commit/bfe7c354168f467726020ed49299dd209a455719
https://typo3.org/security/advisory/typo3-core-sa-2026-015