cms

v5.73.22 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 23d API Development

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

api-rest cms composer-package content-management-system flat-file-cms flatfile

+12 more

flatfilecms graphql headless jamstack laravel laravel-cms laravel-package php php8 ssg statamic vuejs

ReleasePort's take

Light signal

editorial:auto 13d

The release hardens remote URL validation to prevent injection attacks.

Why it matters: Patch immediately if handling user‑supplied URLs; the hardened validation mitigates potential injection vulnerabilities across all deployments of v5.73.22.

Summary

AI summary

Hardened remote URL validation to prevent injection attacks.

Changes in this release

Type	Severity	Summary	CVE
Security	Medium	Hardened remote URL validation Hardened remote URL validation Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

What's fixed

Harden remote URL validation #14645 by @jasonvarga

Security Fixes

Hardened remote URL validation to prevent injection attacks (issue #14645).

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track cms

Get notified when new releases ship.

About cms

The core Laravel CMS Composer package

All releases →

cms

ReleasePort's take

Summary

Changes in this release

What's fixed

Security Fixes

Related context

Related tools