top of page
perceptive_background_267k.jpg

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Att…

Published:

15 januari 2026 om 23:00:00

Alert date:

16 januari 2026 om 01:13:28

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Supply Chain & Dependencies

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows attackers to modify the valet command with root privileges. The vulnerability enables users to edit the symlinked valet command to execute arbitrary code with root permissions without requiring additional authentication. This affects the Laravel development environment tool used on macOS systems. The vulnerability has been documented with exploit code available publicly.

Technical details

Mitigation steps:

Affected products:

Laravel Valet

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2021-47756
https://laravel.com/docs/8.x/valet
https://www.exploit-db.com/exploits/50591
https://www.vulncheck.com/advisories/laravel-valet-local-privilege-escalation-macos

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page