CVE-2025-6491

MEDIUM

CVSS v3

5.9

MEDIUM

EPSS Score

0.8%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.

Technical Details

CVSS v3 Vector
3.1
Published
7/13/2025
Last Modified
11/4/2025

Frequently Asked Questions

What is CVE-2025-6491?

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.

Is CVE-2025-6491 actively exploited?

Active exploitation of CVE-2025-6491 has not been confirmed. The EPSS score is 0.8%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-6491?

CVE-2025-6491 has a CVSS v3 base score of 5.9 (MEDIUM severity), with vector string 3.1.

Is CVE-2025-6491 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.