CVE-2026-7259 vulnerabilities

Vulnerabilities for packages: php...

CVE-2026-7259 vulnerabilities

Vulnerabilities for packages: php...

SUSE-SU-2026:1958-1 Security update for php8

This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...

SUSE SLES16 Security Update : php8 (SUSE-SU-2026:21612-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21612-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...

DEBIAN-CVE-2026-7259

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

CVE-2026-7259 Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

CVE-2026-7259

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

Linux Distros Unpatched Vulnerability : CVE-2026-7259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads...

CVE-2019-7259

Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure...

MAL-2025-7259 Malicious code in @crabas0npm/doloremque-laudantium-itaque (npm)

The package @crabas0npm/doloremque-laudantium-itaque was found to contain malicious code...

MongoDB 8.1.x < 8.1.1 / 8.2.0 DoS (SERVER-102693)

The version of MongoDB installed on the remote host is 8.1 prior to 8.1.1. It is, therefore, affected by a vulnerability as referenced in the SERVER-102693 advisory. - An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may...

CVE-2025-7259

An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...

CVE-2025-7259

creationtimestamp| type| source ---|---|--- 2025-07-07 16:44:57+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114812957280729391 2025-08-06 01:04:20+00:00| seen| MISP/853ff921-86fb-463b-bc2a-2860bf336b81 2025-08-21 10:03:53+00:00| seen| MISP/853ff921-86fb-463b-bc2a-2860bf336b81...

CVE-2025-7259

An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...

CVE-2025-7259 Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash

An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...

CVE-2025-7259

CVE-2025-7259 describes a DoS vulnerability in MongoDB Server caused by an authorized user issuing queries with duplicate _id fields, triggering unexpected behavior that may crash the server. Affected product/version: MongoDB Server v8.1 (8.1.0) and related 8.1.x prior to 8.1.1 per accompanying a...

Ubuntu 14.04 LTS : GNU C Library vulnerability (USN-7259-3)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7259-3 advisory. USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS. Tenable has extracted the preceding...

CVE-2024-7259

creationtimestamp| type| source ---|---|--- 2024-09-26 18:50:10+00:00| seen| https://t.me/cvedetector/6421...

CVE-2024-7259 Ovirt-engine: potential exposure of cleartext provider passwords via web ui

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext...

CVE-2023-7259

CVE-2023-7259 concerns zzdevelop lenosp, Adduser Page, where the username parameter can be manipulated to trigger cross-site scripting. Affected versions are stated as up to 20230831. Descriptions across sources indicate the vulnerability may be exploitable remotely and involve XSS in the Adduser...