CVE-2026-42473
CRITICAL NVDCVSS Score
9.8
Severity
CRITICAL
Source
NVD
Published
May 01, 2026
Description
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the filesystem in the FileHandler object.