CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

[SECURITY] Fedora 42 Update: phpunit9-9.6.34-1.fc42

PHPUnit is a programmer-oriented testing framework for PHP. It is an instance of the xUnit architecture for unit testing frameworks. This package provides the version 9 of PHPUnit, available using the phpunit9 command. Documentation: https://phpunit.de/documentation.html...

[SECURITY] Fedora 42 Update: phpunit10-10.5.63-1.fc42

PHPUnit is a programmer-oriented testing framework for PHP. It is an instance of the xUnit architecture for unit testing frameworks. This package provides the version 10 of PHPUnit, available using the phpunit10 command. Documentation: https://phpunit.de/documentation.html...

[SECURITY] Fedora 42 Update: phpunit8-8.5.52-1.fc42

PHPUnit is a programmer-oriented testing framework for PHP. It is an instance of the xUnit architecture for unit testing frameworks. This package provides the version 8 of PHPUnit, available using the phpunit8 command. Documentation: https://phpunit.de/documentation.html...

[SECURITY] Fedora 43 Update: phpunit11-11.5.50-1.fc43

PHPUnit is a programmer-oriented testing framework for PHP. It is an instance of the xUnit architecture for unit testing frameworks. This package provides the version 11 of PHPUnit, available using the phpunit11 command. Documentation: https://phpunit.de/documentation.html...

[SECURITY] Fedora 43 Update: phpunit10-10.5.63-1.fc43

PHPUnit is a programmer-oriented testing framework for PHP. It is an instance of the xUnit architecture for unit testing frameworks. This package provides the version 10 of PHPUnit, available using the phpunit10 command. Documentation: https://phpunit.de/documentation.html...

[SECURITY] Fedora 43 Update: phpunit9-9.6.34-1.fc43

PHPUnit is a programmer-oriented testing framework for PHP. It is an instance of the xUnit architecture for unit testing frameworks. This package provides the version 9 of PHPUnit, available using the phpunit9 command. Documentation: https://phpunit.de/documentation.html...

CVE-2026-24765

A flaw was found in PHPUnit, a testing framework for PHP. This vulnerability involves unsafe deserialization of code coverage data during PHPT test execution. An attacker with local file write access can exploit this by placing a malicious serialized object into the file system. This can lead to...

The vulnerability of the Util/PHP/eval-stdin.php component of the PHPUnit framework, which allows a hacker to execute arbitrary PHP code.

The vulnerability of the Util/PHP/eval-stdin.php component of the PHPUnit framework is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary PHP code using a specially crafted HTTP POST request...