In this security release, we have resolved a vulnerability of threat level "critical". Affected are all Shopware versions up to and including 18.104.22.168. The following issues have been fixed with this security update:
NEXT-26140 - Improve Twig Security Extension to verify PHP Closures in Twig Templates (GHSA-7v2v-9rm4-7m8f)
We recommend updating to the current version 22.214.171.124. You can update to 126.96.36.199 via the auto-updater or manually via the download package.
For older versions, corresponding security measures are also available via the central security plugin for Shopware 6.