PatchSiren

KnpLabs CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM KnpLabs CVE published 2026-06-10

CVE-2026-46683

CVE-2026-46683 is a medium-severity vulnerability in the Snappy PHP library that allows Server-Side Request Forgery (SSRF) and local file read attacks. The issue is resolved in version 1.7.0.

HIGH KnpLabs CVE published 2026-06-10

CVE-2026-46643

CVE-2026-46643 is a vulnerability in the Snappy PHP library, which is used for thumbnail, snapshot, or PDF generation from a URL or HTML page. The vulnerability occurs on POSIX systems where the `escapeshellarg` function returns a literal string with single-quote characters included, which are not properly handled by the `is_executable` function. This allows for command injection when the binary path is s [truncated]