CVE-2026-7263— DoS attack via DOMNode::C14N()
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-7263
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DoS attack via DOMNode::C14N()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial of service in the processing application.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
不恰当的资源关闭或释放
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-7263
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-7263
Please Login to view more intelligence information
Same Patch Batch · PHP Group · 2026-05-10 · 10 CVEs total
| CVE-2026-7258 | Out-of-bounds read in urldecode() on NetBSD | |
| CVE-2026-7262 | NULL pointer dereference in SOAP apache:Map decoder with missing <value> | |
| CVE-2026-7261 | SoapServer session-persisted object use-after-free via SOAP header fault | |
| CVE-2026-7259 | Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init() | |
| CVE-2026-7568 | Signed integer overflow in metaphone() | |
| CVE-2026-6722 | Use-After-Free in SOAP using Apache map | |
| CVE-2026-6735 | XSS within PHP-FPM status endpoint | |
| CVE-2025-14179 | SQL injection in pdo_firebird via NUL bytes in quoted strings | |
| CVE-2026-6104 | Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding |
IV. Related Vulnerabilities
Same product: PHP
- CVE-2026-6104
Global buffer over-read in mb_convert_encoding() with attack - CVE-2026-7258
Out-of-bounds read in urldecode() on NetBSD - CVE-2026-6722
Use-After-Free in SOAP using Apache map - CVE-2026-7259
Null pointer dereference in php_mb_check_encoding() via mb_e - CVE-2026-7261
SoapServer session-persisted object use-after-free via SOAP
Same vendor: PHP Group
- CVE-2026-6104
Global buffer over-read in mb_convert_encoding() with attack - CVE-2026-7258
Out-of-bounds read in urldecode() on NetBSD - CVE-2026-6722
Use-After-Free in SOAP using Apache map - CVE-2026-7259
Null pointer dereference in php_mb_check_encoding() via mb_e - CVE-2026-7261
SoapServer session-persisted object use-after-free via SOAP
Same weakness: CWE-404
- CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service - CVE-2026-8267
Open5GS SMF smf_nsmf_handle_created_data_in_vsmf denial of s - CVE-2026-8266
Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_
V. Comments for CVE-2026-7263
No comments yet