{"id":19918,"date":"2026-04-14T15:57:00","date_gmt":"2026-04-14T15:57:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2026\/04\/14\/new-php-composer-flaws-enable-arbitrary-command-execution-patches-released-infothehackernews-com-the-hacker-news\/"},"modified":"2026-04-14T15:57:00","modified_gmt":"2026-04-14T15:57:00","slug":"new-php-composer-flaws-enable-arbitrary-command-execution-patches-released-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2026\/04\/14\/new-php-composer-flaws-enable-arbitrary-command-execution-patches-released-infothehackernews-com-the-hacker-news\/","title":{"rendered":"New PHP Composer Flaws Enable Arbitrary Command Execution \u2014 Patches Released info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>Two high-severity security vulnerabilities\u00a0have been disclosed in Composer, a package\u00a0manager for\u00a0PHP, that, if successfully exploited, could result in arbitrary command execution.<br \/>\nThe vulnerabilities\u00a0have been\u00a0described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below\u00a0&#8211;<\/p>\n<p>CVE-2026-40176 (CVSS<a href=\"https:\/\/thehackernews.com\/2026\/04\/new-php-composer-flaws-enable-arbitrary.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Two high-severity security vulnerabilities\u00a0have been disclosed in Composer, a package\u00a0manager for\u00a0PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities\u00a0have been\u00a0described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below\u00a0&#8211; CVE-2026-40176 (CVSSRead More\u00a0<\/p>\n","protected":false},"author":1,"featured_media":19919,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-19918","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19918","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=19918"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19918\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/19919"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=19918"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=19918"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=19918"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}