[CRITICAL] Scramble vulnerable to remote code execution via evaluation of user-controlled input in validation rules

PKSA-kb5d-bgb1-8ykp CVE-2026-44262 GHSA-4rm2-28vj-fj39

Affected package: dedoc/scramble

Affected version: >=0.13.2,<=0.13.21

Reported by:
GitHub