CVE Catalog
CVE-2026-39471
HighCVSS 7.2Exploitation Probability (EPSS)
Low risk0.45%
35th percentile - higher than 35% of all known CVEs
Summary
Versions of ShortPixel Image Optimizer up to 6.4.3 are vulnerable to PHP Object Injection attacks, potentially leading to unauthorized system access.
Risk Assessment
An attacker could exploit this vulnerability to inject malicious code, posing a serious threat to application security and user data.
Recommendation
It is recommended to update ShortPixel Image Optimizer to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Author PHP Object Injection in ShortPixel Image Optimizer <= 6.4.3 versions.

