FOLLOW-UP: CVE-2026-39987 assessment revised based on exploit telemetry collected initially. Incident telemetry now indicates attack surface is narrower than previously assessedâexploitation requires specific PHP version combinations present in approximately 3.2% of affected deployments rather than the 18% estimated two days ago. Mitigation priority has been downgraded from critical to high-priority based on revised attack vector analysis.