CVE-2026-42472
CRITICAL NVDCVSS Score
9.8
Severity
CRITICAL
Source
NVD
Published
May 01, 2026
Description
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from Redis in the RedisHandler object.