Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

AIX (IJ57276)

🗓️ 19 Feb 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 3 Views

AIX prior to APAR IJ57276 is affected by a libxml2 vulnerability in xmlParseSGMLCatalog via untrusted catalogs.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Tenable Nessus		AIX (IJ57282)
19 Feb 202600:00
nessus
Tenable Nessus		AIX (IJ57291)
19 Feb 202600:00
nessus
Tenable Nessus		AIX (IJ57292)
19 Feb 202600:00
nessus
Tenable Nessus		Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1360)
23 Jan 202600:00
nessus
Tenable Nessus		Amazon Linux 2 : libxml2, --advisory ALAS2-2026-3122 (ALAS-2026-3122)
21 Jan 202600:00
nessus
Tenable Nessus		openSUSE 16 Security Update : libxml2, libxslt (openSUSE-SU-2026:20312-1)
6 Mar 202600:00
nessus
Tenable Nessus		Oracle Java SE Multiple Vulnerabilities (January 2026 CPU)
21 Jan 202600:00
nessus
Tenable Nessus		SUSE SLES12 Security Update : libxml2 (SUSE-SU-2025:4104-1)
16 Nov 202500:00
nessus
Tenable Nessus		openSUSE 15 Security Update : libxml2 (SUSE-SU-2025:4115-1)
18 Nov 202500:00
nessus
Tenable Nessus		openSUSE 15 Security Update : libxml2 (SUSE-SU-2026:0570-1)
19 Feb 202600:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(299610);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/16");

  script_cve_id("CVE-2025-8732");

  script_name(english:"AIX (IJ57276)");

  script_set_attribute(attribute:"synopsis", value:
"The remote AIX host is missing a security patch.");
  script_set_attribute(attribute:"description", value:
"The version of AIX installed on the remote host is prior to APAR IJ57276. It is, therefore, affected by a vulnerability
as referenced in the IJ57276 advisory.

  - A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability
    affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to
    uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public
    and may be used. The real existence of this vulnerability is still doubted at the moment. The code
    maintainer explains, that [t]he issue can only be triggered with untrusted SGML catalogs and it makes
    absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at
    all. (CVE-2025-8732)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/node/7261170");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/apar/IJ57276");
  script_set_attribute(attribute:"solution", value:
"Please apply the appropriate interim fix per APAR IJ57276.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-8732");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/08/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/02/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/02/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"AIX Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/AIX/lslpp", "Host/local_checks_enabled", "Host/AIX/version");

  exit(0);
}

include('aix.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if ( ! get_kb_item('Host/AIX/version') ) audit(AUDIT_OS_NOT, "AIX");
if ( ! get_kb_item('Host/AIX/lslpp') ) audit(AUDIT_PACKAGE_LIST_MISSING);

if ( get_kb_item('Host/AIX/emgr_failure') ) exit(0, 'This iFix check is disabled because : ' + get_kb_item('Host/AIX/emgr_failure') );

var constraints = [
    {'release': '3.1', 'ml': '04', 'sp': '41', 'patch': 'IJ57276sBa', 'package': 'bos.rte.control', 'minfilesetver': '7.2.5.0', 'maxfilesetver': '7.2.5.206'},
    {'release': '3.1', 'ml': '04', 'sp': '50', 'patch': 'IJ57276sBa', 'package': 'bos.rte.control', 'minfilesetver': '7.2.5.0', 'maxfilesetver': '7.2.5.206'},
    {'release': '3.1', 'ml': '04', 'sp': '60', 'patch': 'IJ57276sBa', 'package': 'bos.rte.control', 'minfilesetver': '7.2.5.0', 'maxfilesetver': '7.2.5.206'},
    {'release': '7.2', 'ml': '05', 'sp': '10', 'patch': 'IJ57276sBa', 'package': 'bos.rte.control', 'minfilesetver': '7.2.5.0', 'maxfilesetver': '7.2.5.206'},
    {'release': '7.2', 'ml': '05', 'sp': '11', 'patch': 'IJ57276sBa', 'package': 'bos.rte.control', 'minfilesetver': '7.2.5.0', 'maxfilesetver': '7.2.5.206'},
    {'release': '7.2', 'ml': '05', 'sp': '09', 'patch': 'IJ57276sBa', 'package': 'bos.rte.control', 'minfilesetver': '7.2.5.0', 'maxfilesetver': '7.2.5.206'}
];

var flag = 0;
foreach var constraint (constraints) {
    var release = constraint['release'];
    var ml = constraint['ml'];
    var sp = constraint['sp'];
    var patch = constraint['patch'];
    var package = constraint['package'];
    var minfilesetver = constraint['minfilesetver'];
    var maxfilesetver = constraint['maxfilesetver'];
    if(aix_check_ifix(release: release, ml: ml, sp: sp, patch: patch, package: package, minfilesetver: minfilesetver, maxfilesetver: maxfilesetver) < 0) flag++;
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : aix_report_get()
  );
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected - AIX");

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Mar 2026 00:00Current
4.8Medium risk
Vulners AI Score4.8
CVSS 21.7
CVSS 3.13.3
CVSS 44.8
CVSS 33.3
EPSS0.00025
SSVC
AIX operating systemlibxml2 vulnerabilityXML catalog parseruntrusted SGML catalogslocal attack required
3