CodeIgniter4 has a validation bypass when uploading file extensions via `ext_in` rule · CVE-2026-48062 · GitHub Advisory Database · GitHub

CodeIgniter4 has a validation bypass when uploading file extensions via `ext_in` rule

Critical severity GitHub Reviewed Published May 20, 2026 in codeigniter4/CodeIgniter4

0 Open 0 Closed

No open alerts for this advisory

Give feedback on Dependabot alerts

⚡