[HIGH] Maho is Vulnerable to Authenticated Remote Code Execution via File Upload

PKSA-f55n-cn6g-m3qf CVE-2025-58449 GHSA-vgmm-27fc-vmgp

Affected package: mahocommerce/maho

Affected version: <25.9.0

Reported by:
GitHub