CVE-2022-31279
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution (RCE) via an unserialized pop chain in __destruct in IlluminateBroadcastingPendingBroadcast.php and __call in FakerGenerator.php.
Source: CVE-2022-31279