Phusion · Phusion Passenger · CVE-2025-26803
**Name of the Vulnerable Software and Affected Versions**
Phusion Passenger versions 6.0.21 through 6.0.25
**Description**
The issue allows for a denial of service during parsing of a request with an invalid HTTP method, specifically affecting the http parser.
**Recommendations**
For versions 6.0.21 through 6.0.25, update to version 6.0.26 or later to resolve the issue.