CVE Catalog
CVE-2025-69127
CriticalCVSS 9.8Summary
Plumbing versions up to 1.6 are vulnerable to unauthenticated PHP object injection, potentially allowing unauthorized access to the system.
Risk Assessment
Organizations may be exposed to attacks that enable remote code execution or access to sensitive data.
Recommendation
It is recommended to upgrade to the latest version of Plumbing to mitigate this vulnerability.
Original NVD description (English source)
Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.

