Laravel · Laravel · CVE-2021-28254
**Name of the Vulnerable Software and Affected Versions**
Laravel version 8.5.9
**Description**
A deserialization vulnerability in the `destruct()` function allows attackers to execute arbitrary commands.
**Recommendations**
For Laravel version 8.5.9, consider disabling the `destruct()` function until a patch is available.