Security researcher Omar Ganiev published a tweet regarding a "freshly patched" remote code execution vulnerability in PHP-FPM, the FastCGI Process Manager (FPM) for PHP. CVE-2019-11043 is an env_path_info underflow flaw in PHP-FPM's fpm_main.c.