rpms/php/php80.git/php-cve-2026-6722.patch, branch master The master git repository for php80 RPM Fix XSS within status endpoint 2026-05-11T07:19:33+00:00 Remi Collet remi@remirepo.net 2026-05-11T07:19:33+00:00 8c66a4e97b0f64d1306133822844c59aec3032c0 CVE-2026-6735 Fix Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init() CVE-2026-7259 Fix SQL injection via NUL bytes in quoted strings CVE-2025-14179 Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map CVE-2026-6722 Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION CVE-2026-7261 Fix Broken Apache map value NULL check CVE-2026-7262 Fix Signed integer overflow of char array offset CVE-2026-7568 Fix Consistently pass unsigned char to ctype.h functions CVE-2026-7258 
  CVE-2026-6735
Fix Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
  CVE-2026-7259
Fix SQL injection via NUL bytes in quoted strings
  CVE-2025-14179
Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
  CVE-2026-6722
Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
  CVE-2026-7261
Fix Broken Apache map value NULL check
  CVE-2026-7262
Fix Signed integer overflow of char array offset
  CVE-2026-7568
Fix Consistently pass unsigned char to ctype.h functions
  CVE-2026-7258