CVE-2026-7259 | PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 mb_regex_encoding null pointer dereference (GHSA-wm6j-2649-pv75)

A vulnerability was found in PHP up to 8.2.30/8.3.30/8.4.20/8.5.5. It has been rated as problematic. This impacts the function mb_regex_encoding. Performing a manipulation results in null pointer dereference.

This vulnerability is identified as CVE-2026-7259. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More