Vulnerabilities in PHP
5 resultsCVE-2019-11043HIGHUnderflow in PHP-FPM can lead to RCEEPSS 99.5%KEVCVE-2014-3622—Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackerEPSS 3.1%CVE-2026-24895HIGHFrankenPHP affected by Path Confusion via Unicode casing in CGI path splitting allows execution of arbitrary filesEPSS 0.6%CVE-2026-45062HIGHFrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP FilesEPSS 0.6%CVE-2026-24894HIGHFrankenPHP leaks session data between requests in worker modeEPSS 0.4%