P

Php Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Php products.

3 known CVE vulnerabilities tracked

Critical
0
High
2
Medium
1
Low
0
None
0

Vulnerabilities By Year

3
2025

Products Affected

Php 3

All Php CVEs

Recent Highest Score Oldest
CVE-2025-14180
7.5 high

In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting fu

Php Dec 27, 2025
CVE-2025-14178
6.5 medium

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation

Php Dec 27, 2025
CVE-2025-14177
7.5 high

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs d

Php Dec 27, 2025