CVE-2026-23524

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the Redis channel directly into PHP’s unserialize function without restricting which classes can be instantiated, which leaves users vulnerable to...

CVE-2026-23524

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the Redis channel directly into PHP’s unserialize function without restricting which classes can be instantiated, which leaves users vulnerable to...

CVE-2026-23524

Laravel Reverb (laravel/reverb) prior to v1.7.0 is exposed to Remote Code Execution when horizontal scaling is enabled (REVERB_SCALING_ENABLED=true) because data from the Redis channel is deserialized with PHP unserialize() without class restrictions. Affected versions are v1.6.3 and below; vulne...

CVE-2026-23524

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the Redis channel directly into PHP’s unserialize function without restricting which classes can be instantiated, which leaves users vulnerable to...

Laravel Redis Horizontal Scaling Insecure Deserialization

Impact This vulnerability affects Laravel Reverb versions prior to v1.7.0 when horizontal scaling is enabled REVERBSCALINGENABLED=true. The exploitability of this vulnerability is increased because Redis servers are commonly deployed without authentication. With horizontal scaling enabled, Reverb...

SUSE CVE-2021-47187

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...