CVE-2025-54068: Laravel Livewire Code Injection Vulnerability

Vendor: Laravel. Product: Livewire. Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in spe...

Early report Major update Updated Mar 20, 2026, 12:00 AM UTC

Track this event Edit in app More event pages

What changed

CISA Known Exploited Vulnerabilities: CVE-2025-54068: Laravel Livewire Code Injection Vulnerability.

First seen Mar 20, 2026, 12:00 AM UTC Latest source Mar 20, 2026, 12:00 AM UTC

Update 1 1d ago

CVE-2025-54068: Laravel Livewire Code Injection Vulnerability

CISA Known Exploited Vulnerabilities •published Mar 20, 2026, 12:00 AM UTC •fetched Mar 20, 2026, 10:20 PM UTC