CVE-2026-7258 | PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 urldecode out-of-bounds (GHSA-m8rr-4c36-8gq4)

Inserito da Angelo Barbosa | Mag 10, 2026 | CVE

A vulnerability described as problematic has been identified in PHP up to 8.2.30/8.3.30/8.4.20/8.5.5. This vulnerability affects the function urldecode. Such manipulation leads to out-of-bounds read.

This vulnerability is documented as CVE-2026-7258. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-7258 | PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 urldecode out-of-bounds (GHSA-m8rr-4c36-8gq4)

Post correlati

CVE-2024-20480 | Cisco IOS XE up to 17.14.1a SD-Access Fabric Edge Node operator precedence logic error (cisco-sa-ios-xe-sda-edge-dos-MBcbG9k)

CVE-2026-36922 | SourceCodester Cab Management System 1.0 view_category.php sql injection

CVE-2025-58246 | Automattic Plugin up to 6.8.2 on WordPress insertion of sensitive information into sent data

CVE-2025-3221 | IBM InfoSphere Information Server up to 11.7.1.6 allocation of resources (EUVD-2025-18811)