CVE-2026-7262 | PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 SOAP Server null pointer dereference (GHSA-hmxp-6pc4-f3vv)

A vulnerability was found in PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 and classified as problematic. The affected element is an unknown function of the component SOAP Server Handler. The manipulation results in null pointer dereference.

This vulnerability was named CVE-2026-7262. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More