PT-2026-39450

Aleksey Solovev

Published 2026-05-07 · Updated 2026-06-04

CVE-2026-7568

CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

PHP versions 8.2.0 through 8.2.30
PHP versions 8.3.0 through 8.3.30
PHP versions 8.4.0 through 8.4.20
PHP versions 8.5.0 through 8.5.5

Description

The metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When a string exceeding 2,147,483,647 bytes is processed, a signed integer overflow occurs. This leads to undefined behavior, specifically an out-of-bounds read, which can cause a segmentation fault or access to unrelated memory, potentially impacting the availability of the PHP process.

Recommendations

Update PHP version 8.2.x to 8.2.31
Update PHP version 8.3.x to 8.3.31
Update PHP version 8.4.x to 8.4.21
Update PHP version 8.5.x to 8.5.6

As a temporary workaround, restrict the length of input strings passed to the metaphone() function to be less than 2,147,483,647 bytes.
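One way to apply the interim workaround in application code, as an added example that is not part of the advisory or of the PHP project: a wrapper that checks the byte length of the input before it reaches metaphone(). The constant and function names, and the default application cap of 64 KiB, are assumptions chosen for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not code from the advisory or from PHP itself.
// The affected metaphone() builds track the string position in a signed
// 32-bit int, so inputs of 2,147,483,647 bytes or more overflow it.
const METAPHONE_HARD_LIMIT = 2147483647; // assumed name for the advisory's threshold

/**
 * Calls metaphone() only after enforcing a length cap.
 *
 * $maxLen lets a caller choose a much smaller, application-specific cap;
 * the hard limit from the advisory is enforced regardless of $maxLen.
 *
 * @throws LengthException when the input is too long to pass through.
 */
function safe_metaphone(string $input, int $maxLen = 65536): string
{
    // strlen() returns the byte length, which is what the C loop walks.
    $len = strlen($input);
    $cap = min($maxLen, METAPHONE_HARD_LIMIT - 1);
    if ($len > $cap) {
        throw new LengthException(sprintf(
            'metaphone() input of %d bytes exceeds the cap of %d bytes',
            $len,
            $cap
        ));
    }
    return metaphone($input);
}

// Constructed sample inputs for demonstration.
echo safe_metaphone('Thompson'), PHP_EOL;          // normal-sized input passes through

try {
    safe_metaphone(str_repeat('a', 70000));        // exceeds the 64 KiB application cap
} catch (LengthException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

A realistic application has no use for multi-gigabyte phonetic keys, so the cap should be set far below the overflow threshold; the wrapper keeps the advisory's hard limit only as a backstop. Keeping PHP's memory_limit below 2 GB is an additional layer, since a string that large cannot then be allocated in the process at all.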

Fix

DoS

Integer Overflow

Out of bounds Read


Weakness Enumeration

Related Identifiers

ALSA-2026:22142
ALSA-2026:22143
ALSA-2026:22305
ALSA-2026:23388
BIT-LIBPHP-2026-7568
BIT-PHP-2026-7568
BIT-PHP-MIN-2026-7568
CVE-2026-7568
OESA-2026-2340
OESA-2026-2341
OESA-2026-2342
OESA-2026-2343
OESA-2026-2344
OPENSUSE-SU-2026:10747-1
USN-8336-1

Affected Products

Linuxmint
Php
Rocky Linux
Ubuntu