CVE-2026-33942 | saloonphp saloon up to 3.x unserialize deserialization (GHSA-rf88-776r-rcq9)

A vulnerability, which was classified as critical, has been found in saloonphp saloon up to 3.x. This affects the function AccessTokenAuthenticator::unserialize. This manipulation causes deserialization.

This vulnerability is registered as CVE-2026-33942. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More