VYPR
Unrated severityNVD Advisory· Published Mar 24, 2026· Updated Mar 25, 2026

Unauthenticated arbitrary PHP class instantiation

CVE-2026-23923

Description

An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.