Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-45305

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser::cleanup() used regular expressions with overlapping quantifiers for YAML directive, comment, and document marker cleanup, allowing crafted input to make parsing hang for an arbitrarily long time. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 47.5%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-45305


Contact Us

Shodan ® - All rights reserved