The PHP Security Blog has a new post today talking about a new "round" of XMLRPC vulnerabilities that have cropped up - in PEAR XML_RPC and PHPXMLRPC.

For more detailed information have a look at my advisories for PEAR XML_RPC and PHPXMLRPC. Please upgrade your PEAR XML_RPC package as soon as possible or prepare to get owned by the next wave of XML_RPC exploits.

Updated packages for Drupal are already out and the other 21 affected applications will follow soon.

It looks like the issue this time has the same hole as the previous issue - allowing the execution of "arbitrary PHP code".