PHP Composer -- Multiple vulnerabilities

Composer project reports: Fixed command injection via malicious Perforce reference GHSA-gqw4-4w2p-838q / CVE-2026-40261 Fixed command injection via malicious Perforce repository definition GHSA-wg36-wvj6-r67p / CVE-2026-40176...