Vulnerability Details CVE-2026-48808
Twig is a template language for PHP. Prior to 3.27.0, the column filter passes the active sandbox state as a boolean but does not forward the current Source to SandboxExtension::checkPropertyAllowed(), so SourcePolicyInterface decisions are lost and a template author can read public or magic properties not allowed by the sandbox policy. This issue is fixed in version 3.27.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 17.5%