CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2025-14179

highcovered by 2 sourcesfirst seen 2026-07-06
It was discovered that PHP incorrectly handled SOAP object deduplication when processing apache:Map nodes with duplicate keys. An attacker could possibly use this to cause a use-after-free, resulting in remote code execution. (CVE-2026-6722) It was discovered that PHP incorrectly handled SOAP request persistence when configured with SOAP_PERSISTENCE_SESSION. An attacker could possibly use this to cause a use-after-free, resulting in memory corruption, information disclosure, or a denial of service. (CVE-2026-7261) It was discovered that the PDO Firebird driver in PHP improperly handled NUL bytes when quoting SQL query strings. An attacker could possibly use this to perform SQL injection when attacker-controlled values are embedded in SQL statements. (CVE-2025-14179)

CSIRTS triage

What
Multiple vulnerabilities could lead to remote code execution, memory corruption, or SQL injection.
Who is affected
Deployments of PHP that utilize the affected features.
Urgency
Remediation is critical due to the potential for severe impacts including remote code execution.
Action
Update PHP to the latest version.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2025-14179

Get an email if CVE-2025-14179 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2025-14179

CVE.org record

Embed the live status

CVE-2025-14179 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2025-14179 status](https://www.csirts.com/badge/CVE-2025-14179)](https://www.csirts.com/cve/CVE-2025-14179)