Every CVE whose affected-product data names Pear Pearweb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2026-25241 — CVSS 9.8 (critical): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, an unauthenticated SQL injection in the…
CVE-2026-25234 — CVSS 9.8 (critical): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category…
CVE-2026-25237 — CVSS 9.8 (critical): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of preg_replace() with the /e…
CVE-2026-25238 — CVSS 9.8 (critical): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in bug…
CVE-2026-25240 — CVSS 9.8 (critical): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur…
CVE-2026-25236 — CVSS 9.8 (critical): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma…
CVE-2026-25233 — CVSS 9.1 (critical): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, logic bug in the roadmap role check…
CVE-2026-25235 — CVSS 7.5 (high): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow…
CVE-2026-25239 — CVSS 7.5 (high): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in apidoc…