CVE-2026-7261 | PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 SOAP Request use after free (GHSA-m33r-qmcv-p97q)

A vulnerability classified as critical has been found in PHP up to 8.2.30/8.3.30/8.4.20/8.5.5. This issue affects some unknown processing of the component SOAP Request Handler. Performing a manipulation results in use after free.

This vulnerability is reported as CVE-2026-7261. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More