topthink/framework vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-50706Criticaltopthink/framework: ThinkPHP Path Traversal VulnerabilityCVE-2024-44902Criticaltopthink/framework: ThinkPHP deserialization vulnerabilityCVE-2024-34467Mediumtopthink/framework: ThinkPHP Cross-Site Scripting VulnerabilityCVE-2022-47945Criticaltopthink/framework: ThinkPHP Framework vulnerable to remote code executionCVE-2022-44289Hightopthink/framework: Thinkphp has a code logic errorCVE-2022-38352Criticaltopthink/framework: ThinkPHP deserialization vulnerabilityCVE-2022-33107Criticaltopthink/framework: Deserialization of Untrusted Data in topthink/frameworkCVE-2018-10225Criticaltopthink/framework: thinkphp SQL Injection via the index.php s parameterCVE-2018-16385Criticaltopthink/framework: ThinkPHP SQL Injection vulnerabilityCVE-2018-17566Criticaltopthink/framework: ThinkPHP SQL injection vulnerabilityCVE-2018-18530Criticaltopthink/framework: ThinkPHP SQLi VulnerabilityCVE-2018-18529Criticaltopthink/framework: ThinkPHP SQLi VulnerabilityCVE-2018-18546Criticaltopthink/framework: ThinkPHP SQLi VulnerabilityCVE-2021-23592Criticaltopthink/framework: Deserialization of Untrusted Data in topthink/frameworkCVE-2022-25481Hightopthink/framework: Exposure of Resource to Wrong Sphere in ThinkPHP FrameworkCVE-2021-44892Hightopthink/framework: ThinkPHP Remote Code Execution (RCE) vulnerabilityCVE-2021-44350Criticaltopthink/framework: ThinkPHP5 SQL Injection vulnerabilityCVE-2021-36564Criticaltopthink/framework: Deserialization of Untrusted Data in topthink/frameworkCVE-2021-36567Criticaltopthink/framework: Deserialization of Untrusted Data in topthink/framework

Stop the waste.
Protect your environment with Kodem.