National Cyber Warfare Foundation (NCWF)

PHP PDO Emulated Prepares Expose pdo_pgsql to NULL Pointer Dereference Crash


0 user ratings
2026-07-07 08:14:09
milo
Red Team (CNA)

A recent security audit of PHP’s PDO ecosystem uncovered a denial-of-service vector in the pdo_pgsql driver that can crash PHP processes when emulated prepared statements are enabled. PDO’s parser assumes a valid zend_string and dereferences it, triggering a NULL pointer dereference (SIGSEGV). The issue is tracked as CVE-2025-14180 and rated Moderate (6.3/10). PDO implements two […]


The post PHP PDO Emulated Prepares Expose pdo_pgsql to NULL Pointer Dereference Crash appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/php-pdo-ecosystem/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.