Unsafe Client MIME Type Handling Can Enable Arbitrary File Upload...

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while declaring a benign image MIME type, resulting in arbitrary file upload. If the uploaded file is stored in a web-accessible and executable location, this may lead to remote code execution. At the time of publication, no patch was available and the vendor had not responded to coordinated disclosure attempts.

Basic Information

ID CVE-2026-4809

Source TuranSec

Published Mar 26, 2026 at 11:03

Modified Mar 26, 2026 at 13:41

Affected Product

Vendor plank

Product laravel-mediable

Version <= 6.4.0

Affected Versions plank laravel-mediable <= 6.4.0

CWE Classification

CWE-434

References

{
    "lastseen": "",
    "description": "plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while declaring a benign image MIME type, resulting in arbitrary file upload. If the uploaded file is stored in a web-accessible and executable location, this may lead to remote code execution. At the time of publication, no patch was available and the vendor had not responded to coordinated disclosure attempts.",
    "published": "2026-03-26T11:03:27.086Z",
    "modified": "2026-03-26T13:41:27.981Z",
    "type": "cve",
    "title": "Unsafe Client MIME Type Handling Can Enable Arbitrary File Upload in plank/laravel-mediable",
    "source": "TuranSec",
    "references": "https://github.com/plank/laravel-mediable\nhttps://github.com/plank/laravel-mediable/releases/tag/6.4.0\nhttps://github.com/plank/laravel-mediable",
    "id": "CVE-2026-4809",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "plank laravel-mediable <= 6.4.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "laravel-mediable",
    "version": "<= 6.4.0",
    "vendor": "plank",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Unsafe Client MIME Type Handling Can Enable Arbitrary File Upload in plank/laravel-mediable_CVE-2026-4809