Vulnerabilities > Yiiframework > YII > 2.0.46
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-10 | CVE-2024-58136 | Unspecified vulnerability in Yiiframework YII Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025. | 9.8 |
| 2023-04-04 | CVE-2023-26750 | SQL Injection vulnerability in Yiiframework YII SQL injection vulnerability found in Yii Framework Yii 2 Framework before v.2.0.47 allows the a remote attacker to execute arbitrary code via the runAction function. | 9.8 |