{ "advisories": { "phpoffice/math": [ { "advisoryId": "PKSA-jw72-bn8m-h7rc", "packageName": "phpoffice/math", "affectedVersions": "<=0.2.0", "title": "PHPOffice Math allows XXE when processing an XML file in the MathML format ", "cve": "CVE-2025-48882", "link": "https://github.com/advisories/GHSA-42hm-pq2f-3r7m", "reportedAt": "2025-05-29T17:27:39+00:00", "sources": [ { "name": "GitHub", "remoteId": "GHSA-42hm-pq2f-3r7m" } ], "severity": "high" } ], "phpunit/phpunit": [ { "advisoryId": "PKSA-z3gr-8qht-p93v", "packageName": "phpunit/phpunit", "affectedVersions": ">=0,<8.5.52|>=9.0.0,<9.6.33|>=10.0.0,<10.5.62|>=11.0.0,<11.5.50|>=12.0.0,<12.5.8", "title": "Unsafe Deserialization in PHPT Code Coverage Handling", "cve": "CVE-2026-24765", "link": "https://github.com/sebastianbergmann/phpunit/security/advisories/GHSA-vvj3-c3rp-c85p", "reportedAt": "2026-01-27T05:21:14+00:00", "sources": [ { "name": "GitHub", "remoteId": "GHSA-vvj3-c3rp-c85p" }, { "name": "FriendsOfPHP/security-advisories", "remoteId": "phpunit/phpunit/CVE-2026-24765.yaml" } ], "severity": "high" } ] }, "abandoned": { "paypal/rest-api-sdk-php": "paypal/paypal-server-sdk" }, "filter": [] }