{"uuid": "2dcdcb14-7f42-447a-8ff6-dfcb2b7ce218", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6735", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116549460028714689", "content": "\u26a0\ufe0f HIGH-severity XSS (CVE-2026-6735) impacts PHP 8.2 \u2013 8.5: improper input handling on PHP-FPM status page enables JavaScript injection via crafted URLs. Restrict access & watch for updates. https://radar.offseq.com/threat/cve-2026-6735-cwe-79-improper-neutralization-of-in-fbc11f41 #OffSeq #PHP #XSS #AppSec", "creation_timestamp": "2026-05-10T09:00:26.635341Z"}