CNNVD-202601-2889 Information

CNNVD ID

CNNVD-202601-2889

Related CVE

CVE-2021-47756

• CNNVD Published: 2026-01-16

Description (Chinese)

Laravel Valet是https://laravel.com/开源的一个PHP开发框架。 Laravel Valet 1.1.4版本至2.0.3版本存在安全漏洞，该漏洞源于允许用户修改具有root权限的valet命令，可能导致权限提升。

Description (English)

Laravel Valet is a PHP development framework at https://laravel.com/open source. There is a security loophole in versions Laravel Valet 1.1.4 to 2.0.3, which stems from allowing users to modify the valet commands with root privileges, which may lead to an increase in privileges.

Hazard Level

Medium

Vulnerability Type

其他

Published

2026-01-16

Last Modified

2026-02-24

References

https://laravel.com/docs/8.x/valet https://www.exploit-db.com/exploits/50591 https://www.vulncheck.com/advisories/laravel-valet-local-privilege-escalation-macos