The Silverstripe CMS Squad has released several security patches as part of the June 2026 security release.
There were 2x high severity vulnerabilities patched for silverstripe/userforms and symbiote/silverstripe-advancedworkflow with fixes targeting CMS 5.4, 6.1, and 6.2.
There were also 3x medium severity patches released for silverstripe/framework, silverstripe/cms, and silverstripe/versioned targeting CMS 6.2.
See the official blog post for more details.