23:38
2026-05-01
blog.calif.io
ai-research
MAD Bugs: Finding and Exploiting a 21-Year-Old Vulnerability in PHP
A security researcher has discovered and exploited a 21-year-old use-after-free vulnerability in PHP's `unserialize()` function, affecting code paths that have been vulnerable since PHP 5.1 shipped inβ¦