195 matches found
CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
UBUNTU-CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
EUVD-2026-4725
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
CVE-2026-24765 PHPUnit Vulnerable to Unsafe Deserialization in PHPT Code Coverage Handling
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
CVE-2026-24765 PHPUnit Vulnerable to Unsafe Deserialization in PHPT Code Coverage Handling
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
CVE-2026-24765
CVE-2026-24765 affects PHPUnit; the vulnerability stems from unsafe deserialization of code coverage data during PHPT test execution. In older releases (pre-12.5.8, 11.5.50, 10.5.62, 9.6.33, 8.5.52), PHPUnit deserializes .coverage files without validating allowed classes in cleanupForCoverage(), ...
CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...
PT-2026-5026
Name of the Vulnerable Software and Affected Versions PHPUnit versions prior to 12.5.8 PHPUnit versions prior to 11.5.50 PHPUnit versions prior to 10.5.62 PHPUnit versions prior to 9.6.33 PHPUnit versions prior to 8.5.52 Description PHPUnit, a testing framework for PHP, contains a flaw related to...
EUVD-2013-4594
Malware in sbrugna...
EUVD-2022-5180
Malicious code in bioql PyPI...
Exploit for Code Injection in Phpunit_Project Phpunit
🛡️ PHPUnit Go Scanner CVE-2017-9841 A fast, multithreaded s...
MAL-2025-29197 Malicious code in phpunit (npm)
The package phpunit was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
Malicious code in phpunit (npm)
The package phpunit was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
CVE-2024-6565
The AForms — Form Builder for Price Calculator & Cost Estimation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.6. This is due to the plugin utilizing the aura library and allowing direct access to the phpunit test files. This makes it possibl...
CVE-2025-2690
A vulnerability, which was classified as critical, was found in yiisoft Yii2 up to 2.0.39. This affects the function Generate of the file phpunit\src\Framework\MockObject\MockClass.php. The manipulation leads to deserialization. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-2690
CVE-2025-2690 affects yiisoft/yii2 up to 2.0.39. The issue is in Generate() of phpunit\src\Framework\MockObject\MockClass.php and enables deserialization, with remote attack potential. Public exploit details exist; multiple sources (NVD, Red Hat, osv) corroborate a critical severity, though CVSS ...
CVE-2024-13539
The AForms Eats plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.3.1. This is due the /vendor/aura/payload-interface/phpunit.php file being publicly accessible and displaying error messages. This makes it possible for unauthenticated attackers to...
PT-2025-6427 · WordPress · Aforms Eats
Name of the Vulnerable Software and Affected Versions: AForms Eats plugin for WordPress versions up to, and including, 1.3.1 Description: The issue is related to Full Path Disclosure, which occurs due to the /vendor/aura/payload-interface/phpunit.php file being publicly accessible and displaying...