CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

CVE-2026-7259

A flaw was found in PHP. When an attacker input can influence the encoding passed to mbregexencoding and the application subsequently uses mbregex search APIs, a NULL pointer dereference can occur due to a mismatch between the Oniguruma and mbfl encoding support. This issue can cause a crash in t...

6.5CVSS5.8AI score0.00052EPSS

Exploits0References4

OSV•added 2026/05/15 2:2 p.m.•4 views

OESA-2026-2341 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

9.8CVSS6.1AI score0.00353EPSS

Exploits0References5

OSV•added 2026/05/12 8:56 a.m.•2 views

BIT-PHP-MIN-2026-7259 Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

6.5CVSS5.8AI score0.00052EPSS

Exploits0References2

OSV•added 2026/05/12 8:56 a.m.•3 views

BIT-PHP-2026-7259 Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

6.5CVSS5.8AI score0.00052EPSS

Exploits0References2

Positive Technologies•added 2026/05/12 12:0 a.m.•5 views

PT-2026-40307

6.5CVSS5.8AI score0.00052EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•4 views

PT-2026-40282

6.5CVSS5.8AI score0.00052EPSS

Exploits0References3

SUSE CVE•added 2026/05/11 2:17 p.m.•5 views

SUSE CVE-2026-7259

7.5CVSS5.8AI score0.00052EPSS

Exploits0References7

UbuntuCve•added 2026/05/10 5:16 a.m.•3 views

CVE-2026-7259

6.5CVSS5.8AI score0.00052EPSS

Exploits0References2

EUVD•added 2026/05/10 4:13 a.m.•3 views

EUVD-2026-28969

2.1CVSS5.8AI score0.00052EPSS

Exploits0References1

Debian CVE•added 2026/05/10 4:13 a.m.•6 views

CVE-2026-7259

6.5CVSS5.8AI score0.00052EPSS

Exploits0

Cvelist•added 2026/05/10 4:13 a.m.•40 views

CVE-2026-7259 Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

2.1CVSS0.00052EPSS

Exploits0References1

ATTACKERKB•added 2026/05/10 4:13 a.m.•4 views

CVE-2026-7259

2.1CVSS5.8AI score0.00052EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2026/05/10 4:13 a.m.•4 views

CVE-2026-7259

6.5CVSS5.8AI score0.00052EPSS

Exploits0

CNNVD•added 2026/05/10 12:0 a.m.•5 views

PHP 代码问题漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained code vulnerabilities. These vulnerabilities were caused by mismatches in the encoding lists between Oniguruma and mbfl, leading to null pointer dereferencing...

6.5CVSS5.9AI score0.00052EPSS

Exploits0References1

Positive Technologies•added 2026/05/07 12:0 a.m.•5 views

PT-2026-39447

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description A mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, whi...

9.8CVSS5.8AI score0.00353EPSS

Exploits1References59

Tenable Nessus•added 2020/01/27 12:0 a.m.•105 views

PHP 7.4.x < 7.4.2 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.27, 7.3.x prior to 7.3.14, or 7.4.x prior to 7.4.2. It is, therefore, affected by multiple vulnerabilities: - A buffer overflow exists in mbflfiltconvbig5wchar due to an input validation error...

9.1CVSS9.1AI score0.06404EPSS

Exploits2References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by