CVE-2026-46723
TYPO3 Indexer Configuration Sensitive Data Exposure
Publication date: 2026-05-19
Last updated on: 2026-05-19
Assigner: TYPO3
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| typo3 | typo3 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-668 | The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. |
AI Powered Q&A
How can this vulnerability impact me?
The vulnerability can lead to unauthorized exposure of sensitive internal data by allowing a privileged backend user to copy confidential information into the search index. This could increase the risk of sensitive data being accessed or leaked through the search functionality.
Can you explain this vulnerability to me?
This vulnerability exists in the additional_tables configuration of the page and tt_content indexers in TYPO3. It allows a backend user who has permission to edit indexer configurations to specify arbitrary table and field names. As a result, such a user can copy sensitive data from internal TYPO3 database tables into the search index.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows a backend user with permission to edit indexer configurations to copy sensitive data from internal TYPO3 tables into the search index. Such unauthorized exposure or copying of sensitive data can lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls over access to and processing of personal and sensitive information.
If sensitive personal data is indexed and potentially exposed due to this vulnerability, organizations using affected TYPO3 versions may face risks related to data breaches, unauthorized data access, and failure to protect confidential information as mandated by these standards.
Therefore, this vulnerability can negatively impact compliance by increasing the risk of unauthorized data disclosure and weakening data protection measures required under common regulations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking if the TYPO3 extension "Faceted Search" (ke_search) is installed and which version is running. Specifically, versions 7.0.0, 6.0.0 to 6.6.0, and 5.6.1 and below are affected.
You can detect the presence and version of the extension by using TYPO3's extension manager or by running commands to list installed extensions and their versions.
- Use the TYPO3 CLI command to list installed extensions and their versions: `./typo3cms extension:list`
- Check the configuration files or database entries for the additional_tables configuration in the page and tt_content indexers to see if arbitrary table and field names are configured.
Since the vulnerability requires backend user permissions to edit indexer configurations, auditing backend user activities and permissions may also help detect potential exploitation.
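As an added example (not part of this advisory and not code from TYPO3 or the ke_search project), the following Python script encodes the affected and fixed version ranges quoted above and flags an installed ke_search version that falls inside them. The advisory does not show the output of `./typo3cms extension:list`, so the line shape that `find_ke_search_versions()` parses (extension key followed by a version number) is an assumption; the sample listing embedded in the script is constructed for illustration.

```python
"""Flag an installed ke_search version against the ranges in the advisory.

Added example, not code from TYPO3 or the ke_search project. The version
ranges come from the advisory text; the line format parsed by
find_ke_search_versions() is an assumption (the advisory does not show the
output of `./typo3cms extension:list`), so adjust the regex to your output.
"""
import re
import sys
from typing import Dict, List, Tuple

Version = Tuple[int, int, int]

# (lowest affected, highest affected, first fixed release) per branch, inclusive,
# as stated in the advisory: 7.0.0; 6.0.0 to 6.6.0; 5.6.1 and below.
AFFECTED_RANGES: List[Tuple[Version, Version, Version]] = [
    ((7, 0, 0), (7, 0, 0), (7, 0, 1)),
    ((6, 0, 0), (6, 6, 0), (6, 6, 1)),
    ((0, 0, 0), (5, 6, 1), (5, 6, 2)),
]

_VERSION_RE = r"v?(\d+)\.(\d+)(?:\.(\d+))?"

# Constructed sample listing (not real command output), used by main() when no
# input is piped in. The assumed shape is "<extension key> <version>" per line.
SAMPLE_LISTING = """\
core            13.4.0
ke_search       6.5.0
ke_search_hooks 2.0.0
"""


def parse_version(text: str) -> Version:
    """Turn '6.5.2', 'v6.5.2' or '6.5' into a comparable (major, minor, patch) tuple."""
    m = re.fullmatch(_VERSION_RE, text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def assess(version_text: str) -> Dict[str, object]:
    """Report whether a ke_search version is affected and which release fixes its branch."""
    v = parse_version(version_text)
    for low, high, fixed in AFFECTED_RANGES:
        if low <= v <= high:
            return {"version": version_text, "affected": True,
                    "upgrade_to": ".".join(map(str, fixed))}
    return {"version": version_text, "affected": False, "upgrade_to": None}


def find_ke_search_versions(listing: str) -> List[str]:
    """Pull version strings from lines that name the ke_search extension.

    Assumed line shape: the extension key followed somewhere by a version
    number. The trailing word boundary keeps keys such as 'ke_search_hooks'
    from matching, so only the extension itself is assessed.
    """
    found = []
    for line in listing.splitlines():
        if not re.search(r"\bke[_-]search\b", line, re.IGNORECASE):
            continue
        m = re.search(_VERSION_RE, line)
        if m:
            found.append(m.group(0).lstrip("v"))
    return found


def main(argv: List[str]) -> int:
    """Exit status 1 if any listed ke_search version is affected, else 0."""
    listing = sys.stdin.read() if argv[1:] == ["-"] else SAMPLE_LISTING
    versions = find_ke_search_versions(listing)
    if not versions:
        print("ke_search not found in listing")
        return 0
    affected_any = False
    for ver in versions:
        result = assess(ver)
        if result["affected"]:
            affected_any = True
            print(f"ke_search {ver}: AFFECTED, update to {result['upgrade_to']}")
        else:
            print(f"ke_search {ver}: not in an affected range")
    return 1 if affected_any else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with no arguments to see the constructed sample assessed, or pipe the real extension listing in with `./typo3cms extension:list | python3 check_ke_search.py -`; the non-zero exit status makes it usable as a check in a deployment pipeline. Note that a version newer than any listed range is reported as not affected simply because it is outside the advisory's ranges, not because the script knows it to be fixed.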
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the TYPO3 extension "Faceted Search" (ke_search) to a fixed version. The affected versions are 7.0.0, 6.0.0 to 6.6.0, and 5.6.1 and below.
- Update to version 7.0.1, 6.6.1, or 5.6.2 (or a later release on the same branch), which contain the fix for this vulnerability.
- Use the TYPO3 extension manager, Packagist, or the official extension download page to perform the update.
Additionally, review and restrict backend user permissions to ensure only trusted users can edit indexer configurations.
Follow the TYPO3 Security Guide recommendations and subscribe to the typo3-announce mailing list for future updates and advisories.