# CVE-2026-6409

> Vulnerability.

## Description

A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or deep recursion—can be used to crash the application, impacting service availability.

## Key facts

- **CVE ID:** CVE-2026-6409
- **Published:** 2026-04-16
- **CWE codes:** CWE-20

## Primary sources

- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-6409

## Citation

> AI Analytics. CVE-2026-6409. Retrieved 2026-07-15 from https://api.ai-analytics.org/cve/CVE-2026-6409. Derived from NIST NVD. Licensed CC0.

---

*[Dataset catalog](https://api.ai-analytics.org/datasets/) · [AI Analytics](https://api.ai-analytics.org/) · CC0 1.0*