PKSA-k33k-b5qw-yqgp Security Advisory
-
[MEDIUM] Craft CMS Race condition in Token Service potentially allows for token usage greater than the token limit
PKSA-k33k-b5qw-yqgp CVE-2026-27128 GHSA-6fx5-5cw5-4897
Affected package: craftcms/cms
Affected version: >=5.0.0-RC1,<=5.8.22|>=4.5.0-RC1,<=4.16.18
Reported by:
GitHub