All 3 CVE vulnerabilities found in saloon, with AI-generated Chinese analysis, references, and POCs.
Vendor: saloonphp
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33942 | Saloon has insecure deserialization in AccessTokenAuthenticator (object injection / RCE) CWE-502 | 8.8 | - | 2026-03-26 |
| CVE-2026-33183 | Saloon has a Fixture Name Path Traversal Vulnerability CWE-22 | 8.1 | - | 2026-03-26 |
| CVE-2026-33182 | Saloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URL CWE-918 | 8.8 | - | 2026-03-26 |
All 3 known CVE vulnerabilities affecting saloon with full Chinese analysis, references, and POCs where available.