Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Outdated PHP on Red Hat Systems Allows Remote Code Execution
RHSA-2026:4086
Summary
An update to the PHP software on Red Hat systems is available to fix a security issue. This issue could allow an attacker to run unauthorized code on the server, potentially stealing sensitive information or taking control of the system. Update your PHP software to the latest version to protect your system.
What to do
- Update redhat php to version 0:8.0.30-3.el9_6.1.
- Update redhat php-bcmath to version 0:8.0.30-3.el9_6.1.
- Update redhat php-bcmath-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-cli to version 0:8.0.30-3.el9_6.1.
- Update redhat php-cli-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-common to version 0:8.0.30-3.el9_6.1.
- Update redhat php-common-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-dba to version 0:8.0.30-3.el9_6.1.
- Update redhat php-dba-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-dbg to version 0:8.0.30-3.el9_6.1.
- Update redhat php-dbg-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-debugsource to version 0:8.0.30-3.el9_6.1.
- Update redhat php-devel to version 0:8.0.30-3.el9_6.1.
- Update redhat php-embedded to version 0:8.0.30-3.el9_6.1.
- Update redhat php-embedded-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-enchant to version 0:8.0.30-3.el9_6.1.
- Update redhat php-enchant-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-ffi to version 0:8.0.30-3.el9_6.1.
- Update redhat php-ffi-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-fpm to version 0:8.0.30-3.el9_6.1.
- Update redhat php-fpm-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-gd to version 0:8.0.30-3.el9_6.1.
- Update redhat php-gd-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-gmp to version 0:8.0.30-3.el9_6.1.
- Update redhat php-gmp-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-intl to version 0:8.0.30-3.el9_6.1.
- Update redhat php-intl-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-ldap to version 0:8.0.30-3.el9_6.1.
- Update redhat php-ldap-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-mbstring to version 0:8.0.30-3.el9_6.1.
- Update redhat php-mbstring-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-mysqlnd to version 0:8.0.30-3.el9_6.1.
- Update redhat php-mysqlnd-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-odbc to version 0:8.0.30-3.el9_6.1.
- Update redhat php-odbc-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-opcache to version 0:8.0.30-3.el9_6.1.
- Update redhat php-opcache-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-pdo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-pdo-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-pgsql to version 0:8.0.30-3.el9_6.1.
- Update redhat php-pgsql-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-process to version 0:8.0.30-3.el9_6.1.
- Update redhat php-process-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-snmp to version 0:8.0.30-3.el9_6.1.
- Update redhat php-snmp-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-soap to version 0:8.0.30-3.el9_6.1.
- Update redhat php-soap-debuginfo to version 0:8.0.30-3.el9_6.1.
- Update redhat php-xml to version 0:8.0.30-3.el9_6.1.
- Update redhat php-xml-debuginfo to version 0:8.0.30-3.el9_6.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | php | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-bcmath | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-bcmath-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-cli | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-cli-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-common | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-common-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-dba | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-dba-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-dbg | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-dbg-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-debugsource | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-devel | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-embedded | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-embedded-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-enchant | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-enchant-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-ffi | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-ffi-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-fpm | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-fpm-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-gd | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-gd-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-gmp | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-gmp-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-intl | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-intl-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-ldap | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-ldap-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-mbstring | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-mbstring-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-mysqlnd | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-mysqlnd-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-odbc | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-odbc-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-opcache | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-opcache-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-pdo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-pdo-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-pgsql | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-pgsql-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-process | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-process-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-snmp | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-snmp-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-soap | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-soap-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-xml | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
| redhat | php-xml-debuginfo | <= 0:8.0.30-3.el9_6.1 | 0:8.0.30-3.el9_6.1 |
Original title
Red Hat Security Advisory: php security update
osv CVSS3.1
6.5
- https://access.redhat.com/errata/RHSA-2026:4086 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#moderate Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2425625 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4086.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-14178 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-14178 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-14178 Vendor Advisory
- https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 Third Party Advisory
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026