A vulnerability classified as critical was found in twigphp Twig up to 2.16.x/3.25.x . Affected by this issue is some unknown functionality. Executing a manipulation can lead to protection mechanism failure. This vulnerability is tracked as CVE-2026-24425 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.