CodeIgniter Security Update Advisory (CVE-2025-54418)

Aug 06 2025

Overview

We have released a security update to address a vulnerability in CodeIgniter. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-54418

CodeIgniter Versions: 4.0.0 and above but below 4.6.2

Resolved Vulnerabilities

Command injection vulnerability in the ImageMagick handler in CodeIgniter4 (CVE-2025-54418)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-54418

CodeIgniter Version: 4.6.2

References

[1] Command Injection Vulnerability in ImageMagick Handler
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c
[2] Commit e18120b
https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0

CodeIgniter Security Update Advisory (CVE-2025-54418)

OAuth2-Proxy Security Update Advisory (CVE-2025-54576)

Dell Product Security Update Advisory

Tags:

OAuth2-Proxy Security Update Advisory (CVE-2025-54576)

Dell Product Security Update Advisory