CVE-2026-14355
Last modified
CVE-2026-14355 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without accounting for RFC 5649 expansion. EPSS estimates a 0.28% chance of exploitation in the next 30 days.
Description
In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without accounting for RFC 5649 expansion. This may cause OpenSSL to write beyond allocated memory, corrupting heap metadata and triggering application abort.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | >= 8.2.0, < 8.2.32 |
| Php | Php | >= 8.3.0, < 8.3.32 |
| Php | Php | >= 8.4.0, < 8.4.23 |
| Php | Php | >= 8.5.0, < 8.5.8 |
| Debian | Debian Linux | 12.0 |
References
- https://lists.debian.org/debian-lts-announce/2026/07/msg00010.htmlMailing List, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-14355?
How severe is CVE-2026-14355?
How do I fix CVE-2026-14355?
Related CVEs from 2026
- CVE-2026-14340An incorrect authorization vulnerability was identified in G…5
- CVE-2026-14342The Mail Mint – Email Marketing, Newsletter, Email Automatio…4.9
- CVE-2026-14343The Download Manager plugin for WordPress is vulnerable to S…6.4
- CVE-2026-14345The WPFunnels – Funnel Builder for WooCommerce with Checkout…9.8
- CVE-2026-1435Not properly invalidated session vulnerability in Graylog We…9.8
- CVE-2026-14352The AR for WooCommerce plugin for WordPress is vulnerable to…7.5
- CVE-2026-14358Improper neutralization of input during web page generation …6.1
- CVE-2026-1436Improper Access Control (IDOR) in the Graylog API, version 2…6.5
- CVE-2026-14361The consul-template library before version 0.42.1 is vulnera…4.7
- CVE-2026-14362HashiCorp memberlist before version 0.6.0 is vulnerable to a…4.9
- CVE-2026-14363Improper neutralization of special elements used in an SQL c…9.8
- CVE-2026-1437Reflected Cross-Site Scripting (XSS) vulnerability in the Gr…6.1
Are you affected by CVE-2026-14355?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
