Phpvms · Phpvms · CVE-2026-42569
**Name of the Vulnerable Software and Affected Versions**
phpVMS versions 7.x through 7.0.5
**Description**
A critical issue in the legacy importer component allows unauthenticated access to a deprecated import feature. A remote attacker can trigger internal processes to modify or delete application data, which may lead to data loss or service disruption.
**Recommendations**
Update to version 7.0.6 or later.
As a temporary workaround, comment out the routes associated with the legacy importer to disable access to the feature.