CVE Catalog
CVE-2026-42473
CriticalSummary
MixPHP Framework versions 2.x through 2.2.17 have an unsafe deserialization vulnerability. The session and cache handlers use unserialize() on data from the filesystem in the FileHandler object.
Risk Assessment
This vulnerability could lead to the execution of malicious code, posing a serious threat to the security of the application and user data.
Recommendation
It is recommended to update MixPHP Framework to the latest version to mitigate this vulnerability and to review and secure data stored in the filesystem.
Original NVD description (English source)
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the filesystem in the FileHandler object.

