CVE-2026-24425
Published: 2026-05-20
CVSS 3.1: 9.9 (critical), vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.74% (49.9th percentile)
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that fails to use the current template source to bypass sandbox restrictions and execute arbitrary code when the sandbox is enabled through a source policy rather than globally.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| symfony | twig | 2.16.0 – 2.16.1 | — |
| symfony | twig | >= 3.9.0 < 3.26.0 | 3.26.0 |
| twig | twig | 2.16.0 – 2.16.1 | — |
| twig | twig | >= 3.9.0 < 3.26.0 | 3.26.0 |
| twigphp | twig | — | — |
| twigphp | twig | >= 3.9.0 < 3.26.0 | 3.26.0 |
| ubuntu | php-twig | — | — |
Detection & IOCs (extracted from sources)
- Exploitation targets the `sort`, `filter`, `map`, and `reduce` Twig filters — monitor template rendering requests that pass arbitrary PHP callables to these filters when a SourcePolicyInterface-based sandbox is in use.
- Vulnerability is only exploitable when the sandbox is enabled via a source policy (SourcePolicyInterface) rather than globally — detection should focus on environments using per-source sandbox policies, not globally-enabled sandboxes.
- The bypass mechanism abuses a runtime check that fails to use the current template source — look for anomalous callable values in Twig filter arguments that would normally be blocked by sandbox policy.
- Exploitation requires an authenticated user with template rendering capabilities — correlate suspicious Twig filter usage with authenticated sessions in application logs.
- Affected versions are Twig 2.16.x and 3.9.0 through 3.25.x — verify the deployed Twig version to scope detection and patching efforts.
- The vulnerability only manifests when a SourcePolicyInterface is used to enable the sandbox; globally-enabled sandboxes are NOT affected — audit Twig configuration to determine exposure.
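The two scoping conditions in the notes above (an affected `twig/twig` version, and a sandbox enabled through a source policy) can be checked mechanically. The script below is an added example, not code from any of the advisory sources or from the Twig project. It reads a `composer.lock`, compares the installed `twig/twig` version against the ranges in the Affected table, and flags PHP files that reference `SourcePolicyInterface`. The `composer.lock` content and the PHP snippets are constructed sample input; the text search for `SourcePolicyInterface` is a heuristic assumption (an application could enable a source policy through a framework bundle or other indirection that this search would not see), so a negative result from it is a hint to audit the configuration, not proof of non-exposure.

```python
"""Scope exposure to CVE-2026-24425 from composer.lock and application PHP sources.

Added example; not from the advisory or the Twig project. Version ranges come
from the page's Affected table: 2.16.x (no fix listed) and >=3.9.0 <3.26.0.
"""
import json
import re
from typing import Dict, Optional, Tuple

# Affected ranges as (inclusive lower bound, exclusive upper bound).
AFFECTED_RANGES = [
    ((2, 16, 0), (2, 17, 0)),   # 2.16.x, no fixed release listed on the page
    ((3, 9, 0), (3, 26, 0)),    # 3.9.0 through 3.25.x, fixed in 3.26.0
]

# Composer versions look like "v3.24.1" or "3.25.0"; a pre-release suffix such
# as "-RC1" is ignored and treated as its base version.
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")

# Heuristic (assumption): a reference to SourcePolicyInterface in application
# code means the sandbox may be enabled per source rather than globally.
SOURCE_POLICY_RE = re.compile(r"\bSourcePolicyInterface\b")


def parse_version(version: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch), or None for branch aliases like
    'dev-master' or '3.x-dev' that cannot be scoped by number."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected_version(version: str) -> Optional[bool]:
    """True if inside an affected range, False if not, None if unparseable."""
    v = parse_version(version)
    if v is None:
        return None
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def installed_twig_version(lock_text: str) -> Optional[str]:
    """Find the twig/twig entry in composer.lock (production packages first)."""
    lock = json.loads(lock_text)
    for section in ("packages", "packages-dev"):
        for pkg in lock.get(section, []):
            if pkg.get("name") == "twig/twig":
                return pkg.get("version")
    return None


def uses_source_policy(php_source: str) -> bool:
    """Heuristic text search for a per-source sandbox policy."""
    return SOURCE_POLICY_RE.search(php_source) is not None


def assess(lock_text: str, php_sources: Dict[str, str]) -> dict:
    """Combine the version check with the configuration heuristic."""
    version = installed_twig_version(lock_text)
    affected = is_affected_version(version) if version else None
    policy_files = sorted(path for path, src in php_sources.items()
                          if uses_source_policy(src))
    return {
        "twig_version": version,
        "affected_version": affected,            # None means: check by hand
        "source_policy_files": policy_files,
        # Exposed only when both conditions hold; a globally-enabled sandbox
        # on an affected version is not exposed according to the advisory.
        "exposed": bool(affected) and bool(policy_files),
    }


# Constructed sample input (not a real project's lock file or code).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "symfony/yaml", "version": "v6.4.3"},
        {"name": "twig/twig", "version": "v3.24.2"},
    ],
    "packages-dev": [],
})

SAMPLE_PHP = {
    "config/twig.php": (
        "<?php\n"
        "use Twig\\Sandbox\\SourcePolicyInterface;\n"
        "final class UserTemplatePolicy implements SourcePolicyInterface {}\n"
    ),
    "src/Controller/HomeController.php": "<?php\n// no sandbox configuration here\n",
}

if __name__ == "__main__":
    print(json.dumps(assess(SAMPLE_LOCK, SAMPLE_PHP), indent=2))
```

An `exposed` result means the deployment should move to 3.26.0 (the only fixed release the table lists); for a 2.16.x install, where no fix is listed, enabling the sandbox globally rather than through a source policy removes the condition the advisory describes.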
CVSS provenance
- NVD, CVSS v3.1: 9.9 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- NVD, CVSS v4.0: 8.7 HIGH, CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Ubuntu: Twig vulnerability
Source: Ubuntu, 2026-06-08
Title: Twig vulnerability
Summary: Twig could be made to run programs if it received specially crafted network traffic from an authenticated user.
It was discovered that Twig did not properly validate PHP callables when using a source policy. An authenticated user could possibly use this issue to execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
GHSA: Twig: Possible sandbox bypass when using a source policy
Source: GHSA, 2026-06-05
Severity: HIGH; CWE-693
# Description
When using the sandbox with a `SourcePolicyInterface`, Twig does not always apply the sandbox restriction that forbids non-`Closure` callbacks for callback-accepting filters.
The issue affects the `sort`, `filter`, `map`, and `reduce` filters.
In the affected versions, the runtime check that rejects non-`Closure` callbacks in sandbox mode does not use the current template `Source`. As a result, when the sandbox is enabled through a source policy instead of being enabled globally, Twig can incorrectly treat the current execution as non-sandboxed for these callback checks.
This can allow user-controlled templates to pass arbitrary PHP callables to callback-accepting filters even though the template is being sandboxed.
VulDB: twigphp Twig up to 2.16.x/3.25.x protection mechanism
Source: VulDB, 2026-05-20, CVSS 8.7 (HIGH)
A vulnerability classified as critical was found in twigphp Twig up to 2.16.x/3.25.x. Affected by this issue is some unknown functionality. Executing a manipulation can lead to protection mechanism failure.
This vulnerability is tracked as CVE-2026-24425. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-05-20