Description

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the Redis channel directly into PHP’s unserialize() function without restricting which classes can be instantiated, which leaves users vulnerable to Remote Code Execution. The exploitability of this vulnerability is increased because Redis servers are commonly deployed without authentication, but only affects Laravel Reverb when horizontal scaling is enabled (REVERB_SCALING_ENABLED=true). This issue has been fixed in version 1.7.0. As a workaround, require a strong password for Redis access and ensure the service is only accessible via a private network or local loopback, and/or set REVERB_SCALING_ENABLED=false to bypass the vulnerable logic entirely (if the environment uses only one Reverb node).

INFO

Published Date :

2026-01-21T22:07:55.682Z

Last Modified :

2026-01-22T16:49:37.182Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23524 vulnerability.

Vendors Products
Laravel
  • Reverb
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23524.

URL Resource
https://cwe.mitre.org/data/definitions/502.html cve-icon cve-icon
https://github.com/laravel/reverb/commit/9ec26f8ffbb701f84920dd0bb9781a1797591f1a cve-icon cve-icon
https://github.com/laravel/reverb/releases/tag/v1.7.0 cve-icon cve-icon
https://github.com/laravel/reverb/security/advisories/GHSA-m27r-m6rx-mhm4 cve-icon cve-icon
https://laravel.com/docs/12.x/reverb#scaling cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact