Back to CVE List

CVE-2026-7263

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.5 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Description

In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial of service in the processing application.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-404
Source
NVD
Vendor
php
Product
php

External References

Discussion (0)

Add Comment

No comments yet. Be the first!