โ† Back to Dashboard

CVE-2026-42471

HIGH NVD
CVSS Score
8.1
Severity
HIGH
Source
NVD
Published
May 01, 2026
Description

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke client (Connection.php:76) calls unserialize() on data received from the server response, enabling client-side RCE if connecting to a malicious server.

View Full Details โ† Back