CVE-2026-27206 | zumba json-serializer up to 3.2.2 unserialize deserialization (GHSA-v7m3-fpcr-h7m2)

A vulnerability marked as problematic has been reported in zumba json-serializer up to 3.2.2. Affected by this vulnerability is the function JsonSerializer::unserialize. This manipulation causes deserialization.

This vulnerability is handled as CVE-2026-27206. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.