CVE-2026-33942
Saloon PHP library prior to version 4.0.0 deserializes OAuth token state via PHP unserialize() in AccessTokenAuthenticator::unserialize() with allowed_classes enabled. An attacker who controls the serialized data (e.g., by overwriting a cached token or injection) can submit a gadget object; upon ...