CVE-2025-1861 · CRITICAL 9.8 · EPSS p49.9%


Description

In PHP 8.1.* before 8.1.32, 8.2.* before 8.2.28, 8.3.* before 8.3.19 and 8.4.* before 8.4.5, when PHP parses an HTTP redirect in the response to an HTTP request, the size of the Location header value it accepts is limited by a fixed 1024-byte location buffer. RFC 9110 recommends that senders and recipients support URIs of at least 8000 octets. A Location value longer than the buffer is therefore silently truncated, and the client may follow a redirect to a URL different from the one the server actually sent.
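The following is an added example, not PHP's own stream-wrapper code, that mirrors the behaviour the description above spells out: a redirect parser with a fixed 1024-byte location limit silently cuts a longer Location value and hands back a different URL, while a parser sized to the 8000-octet RFC 9110 recommendation returns the URL intact and rejects, rather than truncates, anything larger. It also includes a helper that maps an upstream PHP version string onto the affected ranges listed above. The function names, the `truncate` flag and the constructed 302 response are assumptions made for the demonstration; the exact off-by-one of the original buffer handling is not modelled.

```python
"""Added example (not PHP's own code) mirroring the Location-header truncation
described in CVE-2025-1861.  Buffer sizes come from the advisory text; the
response bytes below are constructed for the demonstration."""

from typing import Optional

VULNERABLE_LOCATION_LIMIT = 1024   # size of the location buffer the advisory cites
RFC9110_MIN_URI_OCTETS = 8000      # minimum URI length RFC 9110 s.4.1 recommends supporting

# First fixed patch level of each branch the advisory lists, keyed by (major, minor).
FIRST_FIXED_PATCH = {(8, 1): 32, (8, 2): 28, (8, 3): 19, (8, 4): 5}


def extract_location(raw_headers: bytes, limit: int, truncate: bool) -> Optional[bytes]:
    """Return the redirect target from raw HTTP response headers, or None.

    truncate=True models the vulnerable behaviour: a Location value longer than
    `limit` is silently cut to `limit` bytes and that prefix becomes the redirect
    target.  truncate=False models the hardened behaviour: an over-long value is
    rejected outright, so the client never follows a URL the server did not send.
    """
    for line in raw_headers.split(b"\r\n"):
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"location":
            value = value.strip()
            if len(value) <= limit:
                return value
            return value[:limit] if truncate else None
    return None


def php_is_affected(version: str) -> bool:
    """True if an upstream PHP version string falls in a range the advisory lists.

    Only the four branches named in the advisory are checked; anything else
    returns False because the page says nothing about it.  Caveat: distribution
    builds (e.g. the Debian LTS update referenced on this page) backport fixes
    without changing the upstream version, so True means "check the package
    changelog", not "definitely vulnerable".
    """
    core = version.split("-")[0].split("+")[0]   # drop "-1ubuntu1" / "+deb" style suffixes
    parts = [int(p) for p in core.split(".")[:3]]
    while len(parts) < 3:                        # tolerate "8.3" style input
        parts.append(0)
    major, minor, patch = parts
    fixed = FIRST_FIXED_PATCH.get((major, minor))
    return fixed is not None and patch < fixed


# Constructed redirect response whose Location exceeds 1024 bytes but is well
# within the 8000-octet size RFC 9110 recommends supporting.
FULL_URL = b"https://example.com/files/" + b"A" * 1200 + b"/report.pdf"
REDIRECT_RESPONSE = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: " + FULL_URL + b"\r\n"
    b"Content-Length: 0\r\n"
    b"\r\n"
)


def demo() -> dict:
    """Run both parsers over the constructed response and return what each would follow."""
    return {
        "vulnerable": extract_location(REDIRECT_RESPONSE, VULNERABLE_LOCATION_LIMIT, truncate=True),
        "hardened_rejects": extract_location(REDIRECT_RESPONSE, VULNERABLE_LOCATION_LIMIT, truncate=False),
        "hardened_8000": extract_location(REDIRECT_RESPONSE, RFC9110_MIN_URI_OCTETS, truncate=False),
    }


if __name__ == "__main__":
    r = demo()
    print("server sent:", len(FULL_URL), "bytes")
    print("vulnerable follows:", len(r["vulnerable"]), "bytes; '/report.pdf' lost:",
          not r["vulnerable"].endswith(b"/report.pdf"))
    print("hardened (8000-octet limit) intact:", r["hardened_8000"] == FULL_URL,
          "; rejected at 1024 instead of truncated:", r["hardened_rejects"] is None)
    for v in ("8.1.31", "8.1.32", "8.3.18", "8.4.5"):
        print(f"PHP {v}: {'affected' if php_is_affected(v) else 'not in listed ranges'}")
```

The point of the two hardened variants is that raising the limit alone is not the whole fix: whatever the cap is, an over-long value should be treated as an error, not as a shorter URL, because a truncated URL is a different URL that the server never asked the client to visit.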

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.74% probability of exploitation · percentile 49.9% · as of 2026-06-18T12:00:27Z
Published: 2025-03-30
Last modified: 2025-11-03

Underlying weaknesses (1)

CWE-131: Incorrect Calculation of Buffer Size

References

  1. https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff
  2. https://lists.debian.org/debian-lts-announce/2025/03/msg00014.html
  3. https://security.netapp.com/advisory/ntap-20250523-0005/

Type      Target                                          Confidence  Tier
Weakness  Incorrect Calculation of Buffer Size (cwe-131)  0%          live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CVE · CVE-2025-14178
CVE · CVE-2026-7261
CVE · CVE-2025-9086
CVE · CVE-2026-8834
CVE · CVE-2026-10861
CVE · CVE-2025-52362
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.