GHSA-mm6w-gr99-p3jj: Twig: Sandbox property and method bypass via object-destructuring assignment
Summary
In Twig (a PHP template engine), versions 3.24.0 and later, object-destructuring assignment (a syntax for extracting values from objects) bypassed the sandbox security feature (a restriction system that controls which properties and methods templates may access). An attacker who could write to a sandboxed template could read any public property or call any public method of an object exposed to the template, defeating the restrictions the sandbox should have enforced.
Solution / Mitigation
The destructuring compiler was updated to correctly forward the active sandbox flag to the getAttribute() function so that property and method allowlists are enforced during destructuring operations.
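As an added regression check (not code from the advisory or the Twig project), the script below renders the same disallowed property access through direct attribute syntax and through destructuring, and reports whether the sandbox blocks each path; it assumes a Composer autoloader and the Twig 3 sandbox API, and the destructuring syntax `{% set {x} = obj %}` is assumed from Twig 3.24's set-tag grammar.

```php
<?php
// Added regression check (not from the advisory or the Twig project):
// confirms that, with the fix applied, a sandboxed template cannot read a
// non-allowlisted public property via object-destructuring assignment.
// Assumes a Composer autoloader and the Twig 3 sandbox API; the destructuring
// syntax `{% set {x} = obj %}` is assumed from Twig 3.24's set-tag grammar.
require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Extension\SandboxExtension;
use Twig\Loader\ArrayLoader;
use Twig\Sandbox\SecurityError;
use Twig\Sandbox\SecurityPolicy;

// Constructed sample object: `name` is allowlisted, `secret` is not.
final class Account
{
    public string $name = 'alice';
    public string $secret = 'do-not-leak';
}

$templates = [
    // Direct access: the sandbox has always enforced the property allowlist here.
    'direct' => '{{ account.secret }}',
    // Destructuring: the path that skipped the allowlist before the fix.
    'destructure' => '{% set {secret} = account %}{{ secret }}',
];

$policy = new SecurityPolicy(
    ['set'],                      // allowed tags
    [],                           // allowed filters
    [],                           // allowed methods
    [Account::class => ['name']], // allowed properties: only `name`
    []                            // allowed functions
);

$twig = new Environment(new ArrayLoader($templates));
$twig->addExtension(new SandboxExtension($policy, true)); // sandbox always on

foreach (array_keys($templates) as $name) {
    try {
        $out = $twig->render($name, ['account' => new Account()]);
        // Reaching here for 'destructure' means the bypass is still present.
        printf("%-12s LEAKED: %s\n", $name, $out);
    } catch (SecurityError $e) {
        printf("%-12s blocked: %s\n", $name, $e->getMessage());
    }
}
```

On a patched release both templates should report "blocked"; a "LEAKED" line for the destructuring case indicates an unpatched version is installed.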
Vulnerability Details
EPSS: 0.0%
May 21, 2026
Original source: https://github.com/advisories/GHSA-mm6w-gr99-p3jj
First tracked: May 21, 2026 at 08:00 PM