Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-104681. PoCs published by Federico Stange.
AI-analyzed exploit summary The exploit describes a denial of service (DoS) vulnerability in Symfony applications using PDOSessionHandler with MySQL backend under specific SQL mode configurations. The PoC is referenced as a separate downloadable archive.
Description
Symfony 2.7.0 < 4.0.10 - Denial of Service
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Federico Stange · textdosphp
https://www.exploit-db.com/exploits/44768
The exploit describes a denial of service (DoS) vulnerability in Symfony applications using PDOSessionHandler with MySQL backend under specific SQL mode configurations. The PoC is referenced as a separate downloadable archive.
Classification
Writeup 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Theoretical
Target:
Symfony with PDOSessionHandler and MySQL backend
No auth needed
Prerequisites:
Symfony application using PDOSessionHandler · MySQL backend for sessions · SQL mode without STRICT_ALL_TABLES or STRICT_TRANS_TABLES
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026