A pair of memory-safety bugs lurking inside PHP’s image-handling functions, CVE-2025-14177 and an unpatched heap overflow in iptcembed, could allow attackers to leak sensitive server memory or crash PHP applications using nothing more than a crafted JPEG file. PHP powers a massive share of the internet. Yet its core C extension, ext/standard, is rarely scrutinized the […]
The post Weaponized JPEG Images Could Enable Exploitation of PHP Memory Flaws appeared first on Cyber Security News.