A vulnerability has been found in ueberdosis tiptap-php up to 2.1.0 and classified as problematic . Affected is the function Link::isAllowedUri of the component Database Entry Handler . This manipulation of the argument attrs.href causes improper handling of unexpected data type. This vulnerability is tracked as CVE-2026-47110 . The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.