CRITICAL
phpvms
CVE published 2026-05-09
CVE-2026-42569
CVE-2026-42569 is a critical phpVMS vulnerability affecting versions before 7.0.6. According to the source record, unauthenticated users could access a legacy import feature, and the issue was patched in 7.0.6. The NVD entry rates the issue 9.4/Critical and records a network-reachable, no-authentication attack path.