CVE-2026-47110
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk22th percentile — higher than 22% of all known CVEs
Summary
A vulnerability in Tiptap for PHP before version 2.1.1 allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string. This triggers an unhandled TypeError in the Link::isAllowedUri() function when passed to preg_match(), permanently corrupting the record and blocking HTML rendering for all users.
Risk Assessment
The organization faces a persistent disruption of server-side HTML rendering for all records containing malformed data, potentially leading to content unavailability for users and requiring manual database repair.
Recommendation
Immediately update Tiptap for PHP to version 2.1.1 or later, which includes input validation fixes. Additionally, consider implementing server-side JSON validation before processing.
Original NVD description (English source)
Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string, causing an unhandled TypeError in the Link::isAllowedUri() function when passed to preg_match(). Attackers can persist malformed JSON records that permanently crash the server-side HTML rendering pipeline for all subsequent viewers of that record until the database entry is manually repaired.

