What is CVE-2015-10141?

CVE-2015-10141 is a vulnerability in Xdebug, classified under OS Command Injection. Published 2025-07-23.

Is CVE-2015-10141 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Xdebug

CVE-2015-10141

An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugge…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.657 (98.5th percentile) — read the EPSS interpretation.

Affected products

Xdebug — versions 0

Weakness classification (CWE)

Public proof-of-concept exploits

References

xdebug.org/ (product)
kirtixs.com/blog/2015/11/13/xpwn-exploiting-xdebug-enabled-servers/ (technical-description)
web.archive.org/web/20231226215418/https://paper.seebug.org/397/ (technical-description)
www.exploit-db.com/exploits/44568 (exploit)
www.fortiguard.com/encyclopedia/ips/46000 (third-party-advisory)
www.vulncheck.com/advisories/xdebug-remote-debugger-unauth-os-command-execution (third-party-advisory)

Frequently asked questions

What is CVE-2015-10141?: CVE-2015-10141 is a vulnerability in Xdebug, classified under OS Command Injection. Published 2025-07-23.
Is CVE-2015-10141 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.