Security Advisory - Published 2026-07-06 - PHP / Database App
Guardian language-system batch: remove public exposure, preserve logs, and check database changes
This July batch covers several Guardian language-system issues in public PHP paths. Treat any internet-facing deployment as urgent until the app is isolated, logs are preserved, and the database has been reviewed.
Affected CVEs in this batch
| CVE | Product | Affected | Review | CVSS |
|---|---|---|---|---|
| CVE-2026-34099 | Guardian language-system | public PHP app | job information lookup | 9.8 |
| CVE-2026-34100 | Guardian language-system | public PHP app | media lookup | 9.8 |
| CVE-2026-34101 | Guardian language-system | public PHP app | text file lookup | 9.8 |
| CVE-2026-34102 | Guardian language-system | public PHP app | job input lookup | 9.8 |
| CVE-2026-34103 | Guardian language-system | public PHP app | subtitle lookup | 9.8 |
| CVE-2026-34104 | Guardian language-system | public PHP app | designer lookup | 9.8 |
| CVE-2026-34105 | Guardian language-system | public PHP app | translation lookup | 9.8 |
| CVE-2026-34106 | Guardian language-system | public PHP app | subtitle rendering job | 9.8 |
What to check
- Whether Guardian language-system is reachable from the public internet, a staging subdomain, or shared hosting.
- Web server access logs around job, media, text, subtitle, designer, and translation pages.
- Database query errors, unexpected record changes, new files, and job activity during the exposure window.
- Scheduler or worker logs if subtitle or file-processing jobs are enabled.
Safe fix path
- Move the app behind authentication or take it offline before doing cleanup.
- Preserve access logs, error logs, database logs, and a filesystem snapshot before making changes.
- Apply vendor remediation when available, or patch the affected code paths with parameterized database access and strict command handling.
- Rotate database credentials and app secrets if database or job integrity is uncertain.
Compromise indicators
- Repeated requests to public lookup or processing pages with unusual input length or encoding.
- Unexpected database errors, changed translation records, changed job records, or new file records.
- New files, changed job output, or worker activity that does not match normal translation usage.
- Credentials or configuration files accessed during the same window.
When to ask Ping7 for repair
Use Ping7 CVE Repair when the app was public, database integrity is unclear, worker jobs may have run unexpectedly, or you need cleanup without losing evidence.