[CRITICAL] Livewire is vulnerable to remote command execution during component property update hydration

PKSA-g5js-3ypd-k2kr CVE-2025-54068 GHSA-29cq-5w36-x7w3

Affected version: >=3.0.0-beta.1,<3.6.4

Reported by:
GitHub

[HIGH] Livewire Remote Code Execution on File Uploads

PKSA-9tny-xycd-bd72 CVE-2024-47823 GHSA-f3cx-396f-7jqp

Affected version: <2.12.7|>=3.0.0-beta.1,<3.5.2

Reported by:
GitHub