Security Advisories - PKSA-ztv6-h3sy-m4xc - Packagist.org

PKSA-ztv6-h3sy-m4xc Security Advisory

[CRITICAL] CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

PKSA-ztv6-h3sy-m4xc CVE-2026-25510 GHSA-gp56-f67f-m4px

Affected package: ci4-cms-erp/ci4ms

Affected version: <0.28.5.0

Reported by:
GitHub