How severe is CVE-2024-58136?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-58136?

This is classified as CWE-424, which is a common weakness in software security.

CVE-2024-58136

CRITICAL Year: 2024

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-424

View all →

Vulnerability Description

Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.

CVE-2025-48827

CRITICAL

CVSS:10.0(Critical)

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method...

CWE-4242025

CVE-2025-48828

CRITICAL

CVSS:9.0(Critical)

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocat...

CWE-4242025

CVE-2023-20272

HIGH

CVSS:8.8(High)

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to upload malicious files to the web root of the application. This...

CWE-4242023

CVE-2023-5165

HIGH

CVSS:8.8(High)

Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching ...

CWE-4242023

CVE-2023-52952

CRITICAL

CVSS:8.5(High)

A vulnerability has been identified in HiMed Cockpit 12 pro (J31032-K2017-H259) (All versions >= V11.5.1 < V11.6.2), HiMed Cockpit 14 pro+ (J31032-K2017-H435) (All versions >= V11.5.1 < V11.6.2), HiMe...

CWE-4242023