Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2026/01/31 12:24 a.m.5 views

SUSE CVE-2026-25128

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...

7.5CVSS5.7AI score0.00559EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/30 8:13 p.m.3 views

CVE-2026-25128

A denial of service flaw has been discovered in the fast-xml-parser npm library. In fast-xml-parser, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points e.g., � or �. This causes the parser to throw an uncaugh...

7.5CVSS5.7AI score0.00559EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2026/01/30 8:10 p.m.9 views

@activepieces/piece-amazon-s3 (>=0.5.4 <=0.5.9), @activepieces/piece-amazon-ses (>=0.0.1 <=0.1.3) +990 more potentially affected by CVE-2026-25128 via fast-xml-parser (>=5.0.9 <=5.3.3)

fast-xml-parser NPM version =5.0.9, =0.5.4, =0.0.1, =13.1.4, =1.0.0, =1.9.12, =1.0.3, =1.1.31, =1.0.0, =1.7.16, =2.33.6, =1.4.37, =1.6.11, =1.7.1 and more Source cves: CVE-2026-25128 Source advisory: OSV:GHSA-37QJ-FRW5-HHJH...

7.5CVSS5.7AI score0.00559EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/01/30 3:54 p.m.9 views

@activepieces/piece-amazon-s3 (>=0.5.4 <=0.5.9), @activepieces/piece-amazon-ses (>=0.0.1 <=0.1.3) +990 more potentially affected by CVE-2026-25128 via fast-xml-parser (>=5.0.9 <=5.3.3)

fast-xml-parser NPM version =5.0.9, =0.5.4, =0.0.1, =13.1.4, =1.0.0, =1.9.12, =1.0.3, =1.1.31, =1.0.0, =1.7.16, =2.33.6, =1.4.37, =1.6.11, =1.7.1 and more Source cves: CVE-2026-25128 Source advisory: SNYK:JS-FASTXMLPARSER-15155603...

7.5CVSS5.7AI score0.00559EPSS
Exploits1
Cvelist
Cvelist
added 2026/01/30 3:14 p.m.48 views

CVE-2026-25128 fast-xml-parser has RangeError DoS Numeric Entities Bug

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...

7.5CVSS0.00559EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/01/30 3:14 p.m.9 views

CVE-2026-25128

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...

7.5CVSS7.4AI score0.00559EPSS
Exploits1
Rows per page
Query Builder