CVE ID :CVE-2026-7888 Published : June 3, 2026, 6:10 p.m. | 1 hour, 3 minutes ago Description :Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction. An...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-7888 - Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction.

VERWANDTEARTIKEL

CVE-2026-42588

[Medium] CVE-2026-43924 – FOSSBilling is a free, open-source billing and client management system. Prior t...

[High] CVE-2026-44609 – Local privilege escalation due to EXE hijacking vulnerability. The following pro...

[High] CVE-2026-50033 – Local privilege escalation due to DLL hijacking vulnerability. The following pro...

[Unknown] CVE-2026-37700 – Cross Site Scripting vulnerability in MaxSite CMS v.109.2 allows a remote attack...

[Medium] CVE-2026-40495 – FOSSBilling is a free, open-source billing and client management system. Version...