A critical security vulnerability in CodeIgniter4’s ImageMagick handler has been discovered that could allow attackers to execute arbitrary commands on affected web applications through malicious file uploads.
The vulnerability, tracked as CVE-2025-54418, has been assigned a maximum CVSS score of 10.0, indicating its severe nature and potential for widespread exploitation.
https://gbhackers.com/critical-codeigniter-flaw/