Perforce VCS is a technology platform tracked across 2 threat clusters and 2 intelligence report mentions on ThreatCluster. First observed April 15, 2026; most recent activity April 16, 2026.
Two command injection vulnerabilities, CVE-2026-40176 and CVE-2026-40261, have been identified in Composer's Perforce VCS driver, allowing attackers to execute arbitrary commands on user systems. CVE-2026-40176,…
Two high-severity vulnerabilities in PHP Composer, a dependency manager for PHP, have been identified, allowing attackers to execute arbitrary commands. These flaws can be exploited through malicious repository…