[HIGH] Zumba Json Serializer has a potential PHP Object Injection via Unrestricted @type in unserialize()

PKSA-zhg7-9xn9-qv5j CVE-2026-27206 GHSA-v7m3-fpcr-h7m2

Affected version: <3.2.3

Reported by:
GitHub