from Hacker News

Attention Laravel developers: The Laravel RCE vulnerability in the "cookie" session driver exposes the encryption keys, allowing attackers to execute remote code on affected systems.

https://vulert.com/vuln-db/packagist-laravel-framework-128248