CVE-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

CVE-2025-14179 SQL injection in pdo_firebird via NUL bytes in quoted strings

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...

CVE-2025-14179

PHP’s PDO Firebird driver is affected in PHP 8.2.x (before 8.2.31), 8.3.x (before 8.3.31), 8.4.x (before 8.4.21), and 8.5.x (before 8.5.6). The root cause is improper handling of NUL bytes during token-by-token SQL query construction: a string token containing a NUL byte is copied with strncat(),...

CVE-2025-14179 SQL injection in pdo_firebird via NUL bytes in quoted strings

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...

EUVD-2026-28972

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

CVE-2026-7568

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

CVE-2026-6735

CVE-2026-6735 affects PHP with XSS on the PHP-FPM status page due to improper sanitization of user data. Affected branches include PHP 8.2.x before 8.2.31, 8.3.x before 8.3.31, 8.4.x before 8.4.21, and 8.5.x before 8.5.6. Consequence: an attacker can craft a URL that causes the target to execute ...

PHP 缓冲区错误漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a buffer error vulnerability. This vulnerability stemmed from the use of the metaphone function, which used signed integer variables to track the current...

PHP SQL注入漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 have a SQL injection vulnerability. This vulnerability stems from the improper handling of NUL bytes by the PDO Firebird driver when processing SQL queries, which can...

PT-2026-39457

Name of the Vulnerable Software and Affected Versions PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description An issue exists in the mbstring extension where passing an encoding name containing an embedded NUL byte to certain functions causes the code to incorrectly assume...

Linux Distros Unpatched Vulnerability : CVE-2025-14179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when...

Linux Distros Unpatched Vulnerability : CVE-2026-7259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads...

PT-2026-39449

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description A mistake in the decoding process of a SOAP server with a configured typemap causes the system t...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-016513)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016513 advisory. In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescapefunction on 32-bit systems can cause an...

PT-2026-39446

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description Certain functions, including urldecode, pass signed characters to ctype functions such as...

PT-2026-39445

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description Improper sanitation of user data allows an attacker to compose a URL that executes arbitrary...

Astra Linux - уязвимость в php8.1, php7.3

In PHP versions 8.1. before 8.1.28, 8.2. before 8.2.18, and 8.3. before 8.3.5, if a password stored using passwordhash starts with a null byte \x00, testing a blank string as the password via passwordverify will incorrectly return true...

Astra Linux - уязвимость в php7.3, php8.1

In PHP versions 8.1. before 8.1.30, and 8.2. before 8.2.24, as well as 8.3. before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could result in legitimate data not being processed. This could allow malicious attackers to control a portion of the submitted dat...

Astra Linux - уязвимость в php7.3

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdomysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can...