CVE-2026-8428 Blast Radius

HIGH • CVSS 7.5Concrete CMS 9.5.0 and below emits a CSRF token in the local_available_update.php view ($token->output('do_update')) but the corresponding do_update()

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-8428.

Start Free Scan →← Back to CVE-2026-8428