Patch PHP across all web-facing infrastructure

Upgrade every PHP 8.x installation to 8.2.31 / 8.3.31 / 8.4.21 / 8.5.6 (released 2026-05-07). Highest priority on Internet-exposed SoapServer endpoints — integration handlers, legacy ERP middleware, e-government forms-processing services. Inventory container base images (php:8.x-fpm, php:8.x-apache) and rebuild against patched minors. Where the patch cannot be applied immediately, phpdismod soap (or equivalent) on hosts that do not need SOAP, and front any remaining SoapServer with a WAF rule against duplicate-key apache:Map envelopes. See § 5 for the full detection and hardening playbook.