VYPR
Critical severityCISA KEVNVD Advisory· Published Apr 10, 2025· Updated Oct 21, 2025

CVE-2024-58136

CVE-2024-58136

Description

Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
yiisoft/yii2Packagist
< 2.0.522.0.52

Affected products

2

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.