4 matches found
CVE-2026-25524
Magento Long Term Support (LTS) is an unofficial, community-driven project that provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, PHP functions such as getimagesize, file_exists, and is_readable can trigger...
PT-2018-2631 · Php +2 · Phpmailer +2
Name of the Vulnerable Software and Affected Versions: PHPMailer versions prior to 5.2.27; PHPMailer versions 6.x prior to 6.0.6. Description: The issue is related to insufficient input validation in the PHPMailer library, allowing a remote attacker to perform an object injection attack. This could...
php: use after free in phar_object.c
A use-after-free flaw was found in PHP's phar (PHP Archive) paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory...
php: buffer over-read in Phar metadata parsing
A buffer over-read flaw was found in PHP's phar (PHP Archive) paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory...