NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-7263

Summary	In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial of service in the processing application.
Publication Date	May 10, 2026, 3:16 p.m.
Registration Date	May 11, 2026, 4:08 a.m.
Last Update	May 10, 2026, 3:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/php/php-src/security/advisories/GHSA-4jhr-8w89-j733	security@php.net

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-835	無限ループ	https://cwe.mitre.org/data/definitions/835.html
2	CWE-404	リソースの不適切なシャットダウンおよびリリース	https://cwe.mitre.org/data/definitions/404.html