Livewire

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-54068 CRITICAL KEV PATCH THREAT Act Now

Laravel Livewire v3 through v3.6.3 contains a critical remote code execution vulnerability (CVE-2025-54068, CVSS 9.8) that allows unauthenticated attackers to execute commands through improper hydration of component property updates. KEV-listed with EPSS 16%, this vulnerability affects one of the most popular PHP frameworks, potentially compromising thousands of Laravel applications using Livewire for reactive server-side rendering.

Laravel PHP RCE Code Injection Livewire

NVD GitHub VulDB

CVSS 3.1

9.8

EPSS

16.0%

CVE-2025-54068

EPSS 16% CVSS 9.8

CRITICAL KEV PATCH THREAT Act Now

Laravel Livewire v3 through v3.6.3 contains a critical remote code execution vulnerability (CVE-2025-54068, CVSS 9.8) that allows unauthenticated attackers to execute commands through improper hydration of component property updates. KEV-listed with EPSS 16%, this vulnerability affects one of the most popular PHP frameworks, potentially compromising thousands of Laravel applications using Livewire for reactive server-side rendering.

Laravel PHP RCE +2

NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy