CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ⬡ Vulnerabilities & CVEs May 21, 2026

CVE-2026-39850 | yiisoft yii2 up to 2.0.54 PHP File View::renderPhpFile _params_ input validation (GHSA-5vpg-rj7q-qpw2)

VulDB Archived May 21, 2026 ! Full text unavailable

A vulnerability marked as problematic has been reported in yiisoft yii2 up to 2.0.54 . This affects the function View::renderPhpFile of the component PHP File Handler . The manipulation of the argument _params_ leads to improper input validation. This vulnerability is traded as CVE-2026-39850 . It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

Full text unavailable — view original
✦ AI Summary · Claude Sonnet


    Full text unavailable.
    Open original ↗
    💬 Team Notes
    Article Info
    Source
    VulDB
    Category
    ⬡ Vulnerabilities & CVEs
    Published
    May 21, 2026
    Archived
    May 21, 2026
    Full Text
    ✗ Not available
    Open Original ↗