CVE-2026-40261 Blast Radius

HIGH • CVSS 8.8Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce:

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-40261.

Start Free Scan →← Back to CVE-2026-40261