CVE-2019-11043
PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability
CVSS
—
No CVSS
EPSS
99.5%
p100
KEV
YES
Mar 25, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
99.5%EPSS · 30 days99.5%
2026-06-302026-07-16
Product
PHP / FastCGI Process Manager (FPM)
Vulnerability
PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability
Added to KEV
Mar 25, 2022
Remediate by
Apr 15, 2022
Known ransomware use
Yes
Summary description
In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-11043
No related CVEs by CWE or product.