CVE-2026-9726
The Basket module for Drupal (AlternativeCommerce) is affected by CVE-2026-9726. The vulnerability arises from insufficient sanitization before PHP unserialize(), enabling PHP Object Injection. Affected versions are 0.0.0 through 2.1.17. If a gadget chain exists in site code or dependencies, this...