Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-47212

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, TwilioRequestParser::doParse() received the configured webhook secret but ignored the X-Twilio-Signature HMAC header, allowing unauthenticated POST requests to inject forged Twilio status payloads. This issue is fixed in versions 6.4.40, 7.4.12, and 8.0.12.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 22.2%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2026-47212


Contact Us

Shodan ® - All rights reserved