As part of my research into Gadget Chains and PHP Object Injection, I discovered an exploitable vulnerability in the Adianti Framework.
The maintainers were responsive to the report and have released a fix in version 8.1
https://adiantiframework.com.br/changelog#810
Details of the report:
https://gist.github.com/mcdruid/8412cfb55f443a1344ff41af0ce1b215
This vulnerability was assigned CVE-2025-3590.