Livewire/livewire
This hub aggregates every CVE we track for Livewire/livewire, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
2
Critical
1
High
1
In CISA KEV
Severity distribution
CRITICAL2HIGH1MEDIUM1
Monthly trend
0
0
0
1
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Livewire/livewire.
- CVE-2025-54068Livewire vulnerable to remote command execution during property update hydrationKEV9.8
- CVE-2024-47823Livewire Remote Code Execution (RCE) on File Uploads9.8
- CVE-2024-21504Versions of the package livewire/livewire from 3.3.5 and before 3.4.9 are vulnerable to Cross-site Scripting (XSS) when a page uses [Url] for a property. An attacker can inject HTML code in the con...6.1
- CVE-2024-22859Cross-Site Request Forgery (CSRF) vulnerability in livewire before v3.0.4, allows remote attackers to execute arbitrary code getCsrfToken function. NOTE: the vendor disputes this because the 5d8873...8.8
Product normalization is registry-driven with AI assist and human review. How it works