{"uuid": "2911f729-73bf-4f38-8436-423911bf917a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54133", "type": "seen", "source": "https://gist.github.com/FR-Flo/86e5c2081bd4ad466f1c6361f0315148", "content": "## \ud83d\udd17 Companion release\n\nThis release ships alongside the **Marketplace-client (frontend)** release PR:\n\n- https://github.com/Wishibam/Marketplace-client/pull/4137\n\n- **Misc**\n    - *:sparkles: feat: store waybills on Scaleway buckets* [\\#7571](https://github.com/Wishibam/Marketplace-api/pull/7571)\n    - *:bug: fix: truncate over-long category names before persist* [\\#7578](https://github.com/Wishibam/Marketplace-api/pull/7578)\n    - *:arrow\\_up: deps: bump jmespath.php to 2.9.1 (CVE-2026-54133)* [\\#7579](https://github.com/Wishibam/Marketplace-api/pull/7579)\n    - *chore(deps): bump phpseclib/phpseclib from 3.0.52 to 3.0.54 in /api* [\\#7580](https://github.com/Wishibam/Marketplace-api/pull/7580)\n    - *:bug: Wrong wmsItems status when LineItems are reserved hours appart* [\\#7585](https://github.com/Wishibam/Marketplace-api/pull/7585)\n    - *:arrow\\_up: deps: bump guzzlehttp/guzzle & psr7 (3 CVE)* [\\#7587](https://github.com/Wishibam/Marketplace-api/pull/7587)\n    - *:wrench: chore: relax composer php upper-bound for PHP 8.5 deploy* [\\#7590](https://github.com/Wishibam/Marketplace-api/pull/7590)", "creation_timestamp": "2026-06-23T14:58:51.000000Z"}