Symfony Blog

All about Symfony releases, new Symfony features, and other important announcements

Symfony 8.1.0 released

Read release notes
May 29, 2026 #Releases ❤️ 4 👍 3 🚀 6 🎉 1

CVE-2026-49212 LiveComponentHydrator HMAC checksum lacks component and slot binding

LiveComponentHydrator HMAC checksum lacks component and slot binding
May 29, 2026 #Security Advisories #Symfony UX 👍 1

CVE-2026-49211 Information exposure via unescaped LIKE wildcards in EntitySearchUtil

Information exposure via unescaped LIKE wildcards in EntitySearchUtil
May 29, 2026 #Security Advisories #Symfony UX 👍 1

CVE-2026-49215 CSRF Protection Bypass in symfony/ux-live-component: Accept Header is CORS-Safelisted

CSRF Protection Bypass in symfony/ux-live-component: Accept Header is CORS-Safelisted
May 29, 2026 #Security Advisories #Symfony UX

CVE-2026-49208 Format-less date LiveProps parsed with the permissive DateTime constructor

Format-less date LiveProps parsed with the permissive DateTime constructor
May 29, 2026 #Security Advisories #Symfony UX

CVE-2026-49209 Denial of service in symfony/ux-live-component via unbounded batch action requests

Denial of service in symfony/ux-live-component via unbounded batch action requests
May 29, 2026 #Security Advisories #Symfony UX

CVE-2026-49210 XSS in symfony/ux-live-component via attacker-controlled child component tag

XSS in symfony/ux-live-component via attacker-controlled child component tag
May 29, 2026 #Security Advisories #Symfony UX

CVE-2026-49216 XSS in symfony/ux-autocomplete via unescaped AJAX response data

XSS in symfony/ux-autocomplete via unescaped AJAX response data
May 29, 2026 #Security Advisories #Symfony UX

Symfony UX 3.1.0 released

Read release notes
May 29, 2026 #Releases #Symfony UX ❤️ 10 👍 3 🎉 3

Symfony UX 2.36.0 released

Read release notes
May 29, 2026 #Releases #Symfony UX ❤️ 1 👍 1