Vulnerability Description
Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service. Submitting Tiptap JSON with the attrs.href field set to an array instead of a string causes an unhandled TypeError in the Link::isAllowedUri() function when the value is passed to preg_match(). Attackers can persist malformed JSON records that permanently crash the server-side HTML rendering pipeline for all subsequent viewers of that record until the database entry is manually repaired.
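Added example, not code from tiptap-php or from this advisory: a PHP check that walks stored Tiptap JSON and reports every link mark whose attrs.href is present but not a string, usable to reject such input on save or to locate records that need repair. The function name findNonStringHrefs and the sample document are constructed for illustration, and the check assumes links are stored as marks with type "link".

```php
<?php
declare(strict_types=1);

/**
 * Return the JSON path of every link mark whose attrs.href is set to
 * something other than a string. Hypothetical helper, not tiptap-php API.
 * Assumption: an absent or null href means "no target" and is not reported.
 */
function findNonStringHrefs(array $node, string $path = '$'): array
{
    $bad = [];
    // Guard each level: stored JSON may hold any type in any position.
    $marks = is_array($node['marks'] ?? null) ? $node['marks'] : [];
    foreach ($marks as $i => $mark) {
        if (!is_array($mark) || ($mark['type'] ?? null) !== 'link') {
            continue;
        }
        $attrs = is_array($mark['attrs'] ?? null) ? $mark['attrs'] : [];
        $href = $attrs['href'] ?? null;
        if ($href !== null && !is_string($href)) {
            $bad[] = sprintf('%s.marks[%s].attrs.href (%s)', $path, $i, gettype($href));
        }
    }
    // Recurse into child nodes, extending the path for the report.
    $children = is_array($node['content'] ?? null) ? $node['content'] : [];
    foreach ($children as $i => $child) {
        if (is_array($child)) {
            $bad = array_merge($bad, findNonStringHrefs($child, "{$path}.content[{$i}]"));
        }
    }
    return $bad;
}

// Constructed sample record: the second text node carries an array href.
$stored = <<<'JSON'
{"type":"doc","content":[{"type":"paragraph","content":[
  {"type":"text","text":"ok","marks":[{"type":"link","attrs":{"href":"https://example.com"}}]},
  {"type":"text","text":"bad","marks":[{"type":"link","attrs":{"href":["https://example.com"]}}]}
]}]}
JSON;

$doc = json_decode($stored, true, 512, JSON_THROW_ON_ERROR);
if (is_array($doc)) {
    foreach (findNonStringHrefs($doc) as $hit) {
        echo "reject or repair: {$hit}\n";
    }
}
```

Running the same function over each stored document before rendering identifies the records the description says must be repaired; upgrading to 2.1.1 remains the fix.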
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://github.com/ueberdosis/tiptap-php/commit/74bfb7be1c8c6102b240f3879b7f984a
- https://github.com/ueberdosis/tiptap-php/pull/94
- https://github.com/ueberdosis/tiptap-php/releases/tag/2.1.1
- https://www.vulncheck.com/advisories/tiptap-for-php-dos-via-malformed-href-attri
FAQ
What is CVE-2026-47110?
CVE-2026-47110 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set ...
How severe is CVE-2026-47110?
CVE-2026-47110 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2026-47110?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.