PHP 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6
Summary
This critical vulnerability is a use-after-free flaw in PHP's SOAP extension that can lead to remote code execution. Attackers who can control the body of SOAP requests processed by an affected server can exploit this issue. Successful exploitation gives attackers arbitrary code execution with the privileges of the PHP process.
Remediation
Update all affected PHP installations immediately to the latest patched versions specified in the PHP security advisory. If patching cannot be completed right away, restrict access to SOAP endpoints to trusted, authorized sources only. Monitor server activity for unexpected code execution behavior.
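To triage hosts against the version ranges listed above, the following added example (not code from the PHP advisory) classifies a PHP version string and reports whether the SOAP extension is loaded. The function names are hypothetical, and the pre-release handling is a conservative assumption.

```shell
#!/bin/sh
# Added example. First fixed patch release per branch, copied from the
# affected-version ranges listed on this page.
fixed_patch_for_branch() {
    case "$1" in
        8.2|8.3) echo 31 ;;
        8.4)     echo 21 ;;
        8.5)     echo 6 ;;
        *)       return 1 ;;
    esac
}

# Prints affected | patched | unlisted (branch not named on this page) | unparseable.
# Tolerates packaging suffixes such as 8.3.30-1ubuntu1.
classify_php_version() {
    ver=$1
    core=$(printf '%s\n' "$ver" | sed -n 's/^\([0-9]\{1,\}\.[0-9]\{1,\}\.[0-9]\{1,\}\).*/\1/p')
    if [ -z "$core" ]; then echo unparseable; return 0; fi
    branch=${core%.*}; patch=${core##*.}; suffix=${ver#"$core"}
    if ! fixed=$(fixed_patch_for_branch "$branch"); then echo unlisted; return 0; fi
    # Assumption: a pre-release of the fixed version (e.g. 8.5.6RC1) is not
    # the fixed release, so it is conservatively reported as affected.
    case "$suffix" in
        RC*|alpha*|beta*|-dev*) fixed=$((fixed + 1)) ;;
    esac
    if [ "$patch" -lt "$fixed" ]; then echo affected; else echo patched; fi
}

# Reads `php -m` output on stdin; succeeds if the soap module is listed.
has_soap_module() {
    grep -qix 'soap'
}

# Reports on the php binary found on PATH. This reflects the CLI configuration,
# which can differ from the FPM or web-server module configuration.
check_local_php() {
    if ! command -v php >/dev/null 2>&1; then echo "php not on PATH"; return 0; fi
    v=$(php -r 'echo PHP_VERSION;')
    if php -m | has_soap_module; then soap=loaded; else soap="not loaded"; fi
    echo "PHP $v: $(classify_php_version "$v"), soap extension $soap"
}
```

Distribution packages can carry a backported fix under an older upstream version number, so an "affected" result on a distro build should be confirmed against the vendor's changelog.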