Lucene search
K

15 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/18 12:0 a.m.3 views

The vulnerability of the SoapServer class in the PHP programming language involves the use of memory after it is freed. This allows attackers to exploit the vulnerable code to disclose sensitive information or cause service failures.

The vulnerability of the SoapServer class in the PHP programming language is related to the use of memory after it is freed during the processing of the SOAPPERSISTENCESESSION parameter. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information or...

10CVSS5.7AI score0.00302EPSS
Exploits0References4Affected Software2
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.10 views

CVE-2026-7261

A flaw was found in the PHP SoapServer component. When the server is configured to maintain session persistence, an error during a SOAP request can cause the system to incorrectly manage memory. This can lead to a "use-after-free" vulnerability, where the system attempts to use memory that has...

9.8CVSS5.1AI score0.00302EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/05/21 11:57 a.m.8 views

Security update for php8

This update for php8 fixes the following issues CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References32
CloudLinux
CloudLinux
added 2026/05/21 10:37 a.m.18 views

php: Fix of 2 CVEs

CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...

9.8CVSS5.8AI score0.00739EPSS
Exploits0
OSV
OSV
added 2026/05/18 5:38 p.m.19 views

CLSA-2026-1779125894 php: Fix of 7 CVEs

CVE-2026-7258: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - CVE-2026-6722: fix stale SOAPGLOBAL refmap pointer with Apache Map GHSA-85c2-q967-79q5 - CVE-2026-7259: fix null pointer dereference in phpmbcheckencoding via mberegsearchinit GHSA-wm6j-2649-pv75 -...

9.8CVSS5.9AI score0.0078EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/17 8:15 a.m.10 views

CVE-2026-8741

A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqxpersistentsessionds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The attack may be performed from remote. A high complexity level is...

3.1CVSS5AI score0.00282EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40283

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAP PERSISTENCE SESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References3
NVD
NVD
added 2026/05/10 5:16 a.m.21 views

CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS0.00302EPSS
Exploits0References1
OSV
OSV
added 2026/05/10 5:16 a.m.11 views

UBUNTU-CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/10 5:16 a.m.10 views

CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/10 4:7 a.m.58 views

CVE-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

6.3CVSS0.00302EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/10 4:7 a.m.10 views

CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00302EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/10 4:7 a.m.8 views

CVE-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

6.3CVSS5.8AI score0.00302EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/10 4:7 a.m.6 views

CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

6.3CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/10 4:7 a.m.12 views

CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00302EPSS
Exploits0
Rows per page
Query Builder