ThreatCluster

Critical PHP Vulnerabilities Enable Remote DoS Attacks

First seen 6 Jul 2026, 13:56 UTC GbhackersCybersecuritynews 73% similarity 73

Article Content

Browse articles
ThreatCluster

Multiple vulnerabilities in PHP have been disclosed, notably CVE-2026-12184, which allows attackers to trigger denial-of-service (DoS) conditions remotely, crashing entire PHP-FPM process pools. The vulnerabilities affect several active branches of PHP, including versions prior to the latest updates. CVE-2026-14355 was published on July 3, 2026, and also poses risks of memory corruption. These issues were confirmed through official PHP security advisories and GitHub advisories. Web applications utilizing affected PHP versions are at significant risk, necessitating immediate attention from developers and system administrators.

Key Points: • CVE-2026-12184 allows remote DoS attacks, impacting PHP-FPM process pools. • CVE-2026-14355 was published on July 3, 2026, affecting multiple PHP branches. • Immediate action is required to mitigate risks associated with these vulnerabilities.

ThreatCluster AI

Timeline

2026-07-03
CVE-2026-14355 published
PHP security advisory disclosed a vulnerability affecting multiple branches, leading to memory corruption risks.
Cybersecuritynews
2026-07-06
CVE-2026-12184 disclosed
A high-severity vulnerability in PHP allows remote DoS attacks, confirmed through GitHub advisory.
Gbhackers

Community

Browse all →