Severity:
HIGH RISK
(8.1)
PHP Object Injection via JSON Deserialization (CWE-502) in Zumba Json Serializer
CVE-2026-27206
Published:
Feb 21, 2026
Status:
Awaiting Analysis
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Source
NDV
