Known exploited
PHP Group
CVE published 2024-06-12
CVE-2024-4577
CVE-2024-4577 is a PHP-CGI OS command injection vulnerability in PHP that CISA lists in its Known Exploited Vulnerabilities catalog. That makes it a high-priority issue for defenders, especially because CISA also marks it as associated with known ransomware campaign use. The supplied sources do not include affected versions or patch details, so remediation should follow vendor instructions and CISA guidance.