CVE Catalog
CVE-2026-56031
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk0.32%
23th percentile — higher than 23% of all known CVEs
Summary
The vulnerability allows an unauthenticated attacker to perform PHP Object Injection in Uncanny Automator versions up to and including 7.3.1.2. This can lead to remote code execution or other dangerous operations on the server.
Risk Assessment
The risk for the organization includes potential server takeover, data theft, or website disruption without requiring any user authentication.
Recommendation
Immediately update the Uncanny Automator plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.

