Lucene search
K

562 matches found

OSV
OSV
added 3 days ago3 views

ROOT-OS-DEBIAN-12-CVE-2026-41080 CVE-2026-41080 in rootio-expat - Patched by Root

Root has patched CVE-2026-41080 in the rootio-expat package for Root:Debian:12. Multiple fixed versions available...

3.7CVSS5.4AI score0.00379EPSS
Exploits0
Wolfi
Wolfi
added 2026/06/25 8:46 p.m.7 views

GHSA-XQW9-F65G-5QXW vulnerabilities

Vulnerabilities for packages: expat...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/25 8:36 p.m.4 views

CVE-2026-56404 vulnerabilities

Vulnerabilities for packages: expat...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in expat

In libexpat before version 2.7.4, the doContent function does not properly determine the buffer size bufSize, as there is no check for integer overflow during the reallocation of the tag buffer...

7.8CVSS7AI score0.00193EPSS
Exploits0References3
OSV
OSV
added 2026/06/21 5:16 p.m.3 views

UBUNTU-CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

5.9CVSS5.8AI score0.00105EPSS
Exploits0References3
NVD
NVD
added 2026/06/21 4:16 p.m.9 views

CVE-2026-56407

libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...

6.9CVSS0.00102EPSS
Exploits0References1
OSV
OSV
added 2026/06/21 4:16 p.m.3 views

ALPINE-CVE-2026-56405

libexpat before 2.8.2 has an integer overflow in getAttributeId...

6.9CVSS5.8AI score0.00102EPSS
Exploits0References1
OSV
OSV
added 2026/06/21 4:16 p.m.4 views

ALPINE-CVE-2026-56404

libexpat before 2.8.2 has an integer overflow in addBinding...

6.9CVSS5.8AI score0.00102EPSS
Exploits0References1
NVD
NVD
added 2026/06/21 4:16 p.m.10 views

CVE-2026-56403

libexpat before 2.8.2 has an integer overflow in storeAtts...

6.9CVSS0.00102EPSS
Exploits0References1
OSV
OSV
added 2026/06/21 4:16 p.m.5 views

UBUNTU-CVE-2026-56403

libexpat before 2.8.2 has an integer overflow in storeAtts...

6.9CVSS5.8AI score0.00102EPSS
Exploits0References3
OSV
OSV
added 2026/06/21 4:16 p.m.4 views

UBUNTU-CVE-2026-56405

libexpat before 2.8.2 has an integer overflow in getAttributeId...

6.9CVSS5.8AI score0.00102EPSS
Exploits0References3
OSV
OSV
added 2026/06/21 4:16 p.m.4 views

UBUNTU-CVE-2026-56406

libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...

6.9CVSS5.8AI score0.00102EPSS
Exploits0References3
CVE
CVE
added 2026/06/21 3:58 p.m.41 views

CVE-2026-56412

In the connected CVE data, libexpat before 2.8.2 is affected: the XML_TOK_DATA_CHARS handling in doCdataSection lacks proper handler call depth tracking, enabling a use-after-free under certain policy violations. This stems from an incomplete fix for CVE-2026-50219. CVSS indicates LOCAL attack ve...

5.9CVSS5.8AI score0.00105EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/21 3:56 p.m.7 views

EUVD-2026-38188

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9CVSS5.9AI score0.0011EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/21 3:55 p.m.6 views

CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS5.8AI score0.0011EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/21 3:52 p.m.5 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS5.9AI score0.00098EPSS
Exploits0
EUVD
EUVD
added 2026/06/21 3:49 p.m.8 views

EUVD-2026-38184

libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...

6.9CVSS5.9AI score0.00102EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/21 3:48 p.m.31 views

CVE-2026-56406

libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...

6.9CVSS0.00102EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/21 3:47 p.m.4 views

CVE-2026-56405

libexpat before 2.8.2 has an integer overflow in getAttributeId...

6.9CVSS5.9AI score0.00102EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/21 3:47 p.m.5 views

CVE-2026-56405

libexpat before 2.8.2 has an integer overflow in getAttributeId...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
Rows per page
Query Builder