CVE-2026-31266 Blast Radius

HIGH • CVSS 7.3Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint (/actions/app/migrate).

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-31266.

Start Free Scan →← Back to CVE-2026-31266