CVE-2026-21450

Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection via type parameter, which can lead to remote code execution or another exploitation. Version 2.3.10 fixes the issue.

Published Jan 5, 2026

https://github.com/advisories/GHSA-9hvg-qw5q-wqwp

CVSS ScoreCritical

9.8

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2026-21450

Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection via type parameter, which can lead to remote code execution or another exploitation. Version 2.3.10 fixes the issue.

Published Jan 5, 2026

https://github.com/advisories/GHSA-9hvg-qw5q-wqwp

CVSS ScoreCritical

9.8


composer	bagisto/bagisto	v0.1.0
composer	bagisto/bagisto	v0.1.1
composer	bagisto/bagisto	v0.1.2
composer	bagisto/bagisto	v0.1.3
composer	bagisto/bagisto	v0.1.4-BETA1
composer	bagisto/bagisto	v0.1.4-BETA2
composer	bagisto/bagisto	v0.1.4-BETA3
composer	bagisto/bagisto	v0.1.4-BETA4
composer	bagisto/bagisto	v0.1.4
composer	bagisto/bagisto	v0.1.5
composer	bagisto/bagisto	v0.1.6-ALPHA1
composer	bagisto/bagisto	v0.1.6
composer	bagisto/bagisto	v0.1.7-BETA1
composer	bagisto/bagisto	v0.1.7-BETA2
composer	bagisto/bagisto	v0.1.7
composer	bagisto/bagisto	v0.1.8
composer	bagisto/bagisto	v0.1.9-BETA1
composer	bagisto/bagisto	v0.1.9
composer	bagisto/bagisto	v0.2.0
composer	bagisto/bagisto	v0.2.1
composer	bagisto/bagisto	v0.2.2
composer	bagisto/bagisto	v1.0.0-BETA1
composer	bagisto/bagisto	v1.0.0
composer	bagisto/bagisto	v1.1.0
composer	bagisto/bagisto	v1.1.1
composer	bagisto/bagisto	v1.1.2
composer	bagisto/bagisto	v1.2.0-BETA1
composer	bagisto/bagisto	v1.2.0
composer	bagisto/bagisto	v1.3.0
composer	bagisto/bagisto	v1.3.1
composer	bagisto/bagisto	v1.3.2
composer	bagisto/bagisto	v1.3.3
composer	bagisto/bagisto	v1.4.0
composer	bagisto/bagisto	v1.4.1
composer	bagisto/bagisto	v1.4.2
composer	bagisto/bagisto	v1.4.3
composer	bagisto/bagisto	v1.4.4
composer	bagisto/bagisto	v1.4.5
composer	bagisto/bagisto	v1.5.0
composer	bagisto/bagisto	v1.5.1
composer	bagisto/bagisto	v2.0.0-BETA-1
composer	bagisto/bagisto	v2.0.0
composer	bagisto/bagisto	v2.1.0
composer	bagisto/bagisto	v2.1.1
composer	bagisto/bagisto	v2.1.2
composer	bagisto/bagisto	v2.2.0
composer	bagisto/bagisto	v2.2.10
composer	bagisto/bagisto	v2.2.1
composer	bagisto/bagisto	v2.2.2
composer	bagisto/bagisto	v2.2.3

Ecosystem	Package	Version


composer	bagisto/bagisto	v0.1.0
composer	bagisto/bagisto	v0.1.1
composer	bagisto/bagisto	v0.1.2
composer	bagisto/bagisto	v0.1.3
composer	bagisto/bagisto	v0.1.4-BETA1
composer	bagisto/bagisto	v0.1.4-BETA2
composer	bagisto/bagisto	v0.1.4-BETA3
composer	bagisto/bagisto	v0.1.4-BETA4
composer	bagisto/bagisto	v0.1.4
composer	bagisto/bagisto	v0.1.5
composer	bagisto/bagisto	v0.1.6-ALPHA1
composer	bagisto/bagisto	v0.1.6
composer	bagisto/bagisto	v0.1.7-BETA1
composer	bagisto/bagisto	v0.1.7-BETA2
composer	bagisto/bagisto	v0.1.7
composer	bagisto/bagisto	v0.1.8
composer	bagisto/bagisto	v0.1.9-BETA1
composer	bagisto/bagisto	v0.1.9
composer	bagisto/bagisto	v0.2.0
composer	bagisto/bagisto	v0.2.1
composer	bagisto/bagisto	v0.2.2
composer	bagisto/bagisto	v1.0.0-BETA1
composer	bagisto/bagisto	v1.0.0
composer	bagisto/bagisto	v1.1.0
composer	bagisto/bagisto	v1.1.1
composer	bagisto/bagisto	v1.1.2
composer	bagisto/bagisto	v1.2.0-BETA1
composer	bagisto/bagisto	v1.2.0
composer	bagisto/bagisto	v1.3.0
composer	bagisto/bagisto	v1.3.1
composer	bagisto/bagisto	v1.3.2
composer	bagisto/bagisto	v1.3.3
composer	bagisto/bagisto	v1.4.0
composer	bagisto/bagisto	v1.4.1
composer	bagisto/bagisto	v1.4.2
composer	bagisto/bagisto	v1.4.3
composer	bagisto/bagisto	v1.4.4
composer	bagisto/bagisto	v1.4.5
composer	bagisto/bagisto	v1.5.0
composer	bagisto/bagisto	v1.5.1
composer	bagisto/bagisto	v2.0.0-BETA-1
composer	bagisto/bagisto	v2.0.0
composer	bagisto/bagisto	v2.1.0
composer	bagisto/bagisto	v2.1.1
composer	bagisto/bagisto	v2.1.2
composer	bagisto/bagisto	v2.2.0
composer	bagisto/bagisto	v2.2.10
composer	bagisto/bagisto	v2.2.1
composer	bagisto/bagisto	v2.2.2
composer	bagisto/bagisto	v2.2.3

Find vulnerabilities. Fix fast with AI.

CVE-2026-21450

CVE-2026-21450