Techvia Alliance - Flaws Found In PHP Programming Language
The maintainers of the PHP programming language recently released new versions
of PHP to patch multiple high-severity vulnerabilities in its core and bundled
libraries, the most severe of which could allow attackers to execute arbitrary
code and compromise targeted servers.

PHP, commonly known as Hypertext Preprocessor, is the most popular server-side
web programming language, powering over 78 percent of the Internet today. The
latest versions of PHP released under several maintained branches include
7.3.9, 7.2.22 and 7.1.32, addressing multiple security vulnerabilities.

Depending on the type, occurrence, and usage of the affected codebase in a PHP
application, successful exploitation of some of the most severe vulnerabilities
could allow an attacker to execute arbitrary code in the context of the
affected application. Failed exploitation attempts would result in a denial of
service (DoS) condition on the systems.

The vulnerabilities could leave thousands of web applications that rely on PHP
open to code execution attacks, including websites powered by popular content
management systems such as WordPress, Drupal and Typo3.

A 'use-after-free' code execution vulnerability, assigned CVE-2019-13224,
resides in Oniguruma, a popular regular expression library that comes bundled
with PHP as well as many other programming languages. A remote attacker can
exploit this flaw by inserting a specially crafted regular expression in an
affected web application, potentially leading to code execution or information
disclosure.

The other patched flaws affect the curl extension, the Exif function, the
FastCGI Process Manager (FPM), the Opcache feature, and more. At present, there
is no report of any of these security vulnerabilities being exploited in the
wild by attackers.

The security team strongly recommended that users and hosting providers upgrade
their servers to the latest PHP version: 7.3.9, 7.2.22, or 7.1.32.
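
To act on the upgrade recommendation across several servers, the following added example (not from the article or the PHP project) classifies PHP version strings against the fixed releases named above. The inventory format, hostnames and status labels are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compare PHP versions with the article's fixed releases.

# php_patch_status VERSION
# Prints: patched | needs-upgrade | unlisted-branch | unparseable
php_patch_status() {
    # Drop package suffixes such as "-0ubuntu0.18.04.2".
    # Distribution builds may backport fixes without changing the upstream
    # number, so confirm "needs-upgrade" against the vendor's advisory.
    ver=${1%%[-+~]*}
    case $ver in
        *.*.*) ;;
        *) echo unparseable; return 0 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    patch=${patch%%[!0-9]*}      # "9RC1" -> "9"
    for part in "$major" "$minor" "$patch"; do
        case $part in ''|*[!0-9]*) echo unparseable; return 0 ;; esac
    done
    case "$major.$minor" in
        7.3) fixed=9 ;;
        7.2) fixed=22 ;;
        7.1) fixed=32 ;;
        *) echo unlisted-branch; return 0 ;;   # branch not named in the article
    esac
    if [ "$patch" -ge "$fixed" ]; then echo patched; else echo needs-upgrade; fi
}

# audit_inventory: read "host version" lines on stdin, print hosts not patched.
audit_inventory() {
    while read -r host version; do
        [ -n "$host" ] || continue
        status=$(php_patch_status "$version")
        [ "$status" = patched ] || echo "$host $version $status"
    done
}

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY='web01 7.3.9
web02 7.2.19-0ubuntu0.18.04.2
web03 7.1.32
web04 5.6.40
web05 7.3.8'
printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory
```

On a host with PHP installed, `php_patch_status "$(php -r 'echo PHP_VERSION;')"` checks the local interpreter.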