CVE-2024-56145: Craft CMS Code Injection Vulnerability. Craft CMS contains

Craft CMS Code Injection Vulnerability. Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has `register_argc_argv` enabled.

• CISA KEV-listed (remediation due 2025-06-23)
• EPSS 93.9% (99.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions