VYPR
Unrated severityOSV Advisory· Published Feb 3, 2026· Updated Feb 4, 2026

PEAR Has a Predictable Verification Hash in Election Account Requests

CVE-2026-25235

Description

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow attackers to guess verification tokens and potentially verify election account requests without authorization. This issue has been patched in version 1.33.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Range: pearweb-1.26.1, pearweb-1.28.1, pearweb-1.29.0, …

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.