Saloon has insecure deserialization in AccessTokenAuthenticator (object injection / RCE)
Description
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Versions prior to 4.0.0 used PHP's unserialize() in AccessTokenAuthenticator::unserialize() to restore OAuth token state from cache or storage, with allowed_classes => true. An attacker who can control the serialized string (e.g. by overwriting a cached token file or via another injection) can supply a serialized "gadget" object. When unserialize() runs, PHP instantiates that object and runs its magic methods (__wakeup, __destruct, etc.), leading to object injection. In environments with common dependencies (e.g. Monolog), this can be chained to remote code execution (RCE). The fix in version 4.0.0 removes PHP serialization from the AccessTokenAuthenticator class requiring users to store and resolve the authenticator manually.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Saloon PHP library prior to v4.0.0 unserializes attacker-controlled data with allowed_classes true, enabling object injection that can lead to RCE.
Vulnerability
CVE-2026-33942 is an insecure deserialization vulnerability in the Saloon PHP library, affecting versions before 4.0.0. The AccessTokenAuthenticator class implements unserialize() using PHP's unserialize() with allowed_classes => true to restore OAuth token state from cache or storage [1][4]. This design allows an attacker who can control the serialized string—for example, by overwriting a cached token file or through another injection vector—to supply a malicious serialized "gadget" object [2]. When unserialize() runs, PHP instantiates that object and automatically invokes its magic methods such as __wakeup() and __destruct(), leading to object injection [1][2].
Exploitation
To exploit this vulnerability, an attacker must have the ability to influence or replace the serialized data that Saloon deserializes. This could occur if the serialized authenticator is stored in a file, database, or cache that the attacker can write to, or if the application deserializes input from an untrusted source [1][4]. The attack does not require authentication if the attacker can directly supply the serialized payload. Once the malicious object is deserialized, the attacker can chain common PHP classes—such as those from the Monolog library—into a gadget chain that results in remote code execution (RCE) [1][4].
Impact
Successful exploitation allows an attacker to execute arbitrary PHP code on the server, leading to full compromise of the application and its data. The impact is critical (CVSS 9.8 per NVD) because the attack can be unauthenticated and remotely exploitable if the attacker can supply the serialized payload [1].
Mitigation
The vulnerability has been fixed in Saloon version 4.0.0, which removes the serialize() and unserialize() methods from the AccessTokenAuthenticator class [1][2]. Users are required to manually store and resolve the authenticator by reading its accessToken, refreshToken, and expiresAt properties directly [2]. All users running Saloon v3.x should upgrade to v4.0.0 immediately. No workaround is available for affected versions [3][4].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
saloonphp/saloonPackagist | < 4.0.0 | 4.0.0 |
Affected products
2- saloonphp/saloonv5Range: < 4.0.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-rf88-776r-rcq9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-33942ghsaADVISORY
- docs.saloon.dev/upgrade/upgrading-from-v3-to-v4ghsax_refsource_MISCWEB
- github.com/saloonphp/saloon/security/advisories/GHSA-rf88-776r-rcq9ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.