CVE-2026-46724
TYPO3 ke_search path traversal due to lack of normalization on config directory from file indexer
Description
In TYPO3 faceted fulltext search (`ke_search`), the file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences. This has been patched in versions 7.0.1, 6.6.1, 5.6.2 and 4.6.7.
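The missing check, as an added example (this is not the ke_search patch or any project code): lexically normalize the configured directory, then accept it only if the result still lies under an allowed base directory. The function names, the base path and the sample values are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Illustrative only: helper names and the base path are assumptions. Requires PHP 8.0+.

/** Collapse "." and ".." segments lexically, without touching the file system. */
function normalizePath(string $path): string
{
    $path = str_replace('\\', '/', $path);
    $absolute = str_starts_with($path, '/');
    $out = [];
    foreach (explode('/', $path) as $segment) {
        if ($segment === '' || $segment === '.') {
            continue;
        }
        if ($segment !== '..') {
            $out[] = $segment;
        } elseif ($out !== [] && end($out) !== '..') {
            array_pop($out);          // step up one level
        } elseif (!$absolute) {
            $out[] = '..';            // keep a leading ".." visible in relative paths
        }                             // absolute path: ".." at the root stays at the root
    }
    return ($absolute ? '/' : '') . implode('/', $out);
}

/** True only if $configured, resolved against $base, still lies inside $base. */
function isInsideBase(string $base, string $configured): bool
{
    if (str_contains($configured, "\0")) {
        return false;
    }
    $base = rtrim(normalizePath($base), '/');
    $configured = str_replace('\\', '/', $configured);
    $candidate = str_starts_with($configured, '/')
        ? normalizePath($configured)
        : normalizePath($base . '/' . $configured);
    // Compare with a trailing separator so a sibling such as "<base>_backup" does not match.
    return str_starts_with($candidate . '/', $base . '/');
}

// Constructed sample values, not taken from the advisory.
$base = '/var/www/html/fileadmin';
$samples = ['documents/pdf', './a/./b/..', 'documents/../../../../etc',
            '/var/www/html/fileadmin_backup', '/var/www/html/fileadmin/../fileadmin/x'];
foreach ($samples as $dir) {
    printf("%-42s %s\n", $dir, isInsideBase($base, $dir) ? 'allow' : 'reject');
}
```

Lexical normalization does not resolve symbolic links; for directories that exist, follow it with `realpath()` and repeat the containment check on the resolved path.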
How to fix CVE-2026-46724
To remediate CVE-2026-46724, upgrade the affected package to a fixed version below.
- Packagist/tpwd/ke_search: upgrade to 7.0.1 or later (the description above also lists 6.6.1, 5.6.2 and 4.6.7 as patched versions)
Is CVE-2026-46724 being exploited?
No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2026-46724.
Affected packages (1)
- Packagist/tpwd/ke_search: >= 7.0.0, < 7.0.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N |