) can lead to unauthorized data access or application crashes. Out-of-Bounds Reads: xmlrpc_decode CVE-2019-9024
Because 5.6.40 is the final version of an unsupported branch, any vulnerabilities discovered after its release remain in official builds. Significant threats include: PHP 5.6: Why you should upgrade - Influential Software php version 5640 vulnerabilities link