Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-45755

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, MailtrapRequestParser::doParse() received the configured webhook secret but ignored the X-Mt-Signature HMAC header, allowing unauthenticated POST requests to inject forged Mailtrap delivery, bounce, open, click, or spam events. This issue is fixed in versions 7.4.12 and 8.0.12.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 22.2%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2026-45755


Contact Us

Shodan ® - All rights reserved