Vulnerability Database

322,905

Total vulnerabilities in the database

CVE-2021-47756

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication.

Published: Jan 16, 2026
Updated: Jan 17, 2026
CVE: CVE-2021-47756
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.4
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-732

Affected Software
References

No affected software listed.

https://laravel.com/docs/8.x/valet
https://www.exploit-db.com/exploits/50591
https://www.vulncheck.com/advisories/laravel-valet-local-privilege-escalation-macos

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo