Lucene search
K

182 matches found

OSV
OSV
added 2026/06/30 7:39 a.m.10 views

ROOT-APP-NPM-CVE-2026-41650 CVE-2026-41650 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-41650 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

6.1CVSS5.8AI score0.00238EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.9 views

ROOT-APP-NPM-CVE-2026-25896 CVE-2026-25896 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-25896 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

9.3CVSS5.3AI score0.00445EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.6 views

ROOT-APP-NPM-CVE-2026-33349 CVE-2026-33349 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-33349 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

5.9CVSS5.8AI score0.00449EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.8 views

ROOT-APP-NPM-CVE-2026-27942 CVE-2026-27942 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-27942 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.9AI score0.00478EPSS
Exploits0
OSV
OSV
added 2026/06/30 7:39 a.m.5 views

ROOT-APP-NPM-CVE-2026-33036 CVE-2026-33036 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-33036 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.9AI score0.00576EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.12 views

ROOT-APP-NPM-CVE-2026-26278 CVE-2026-26278 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-26278 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.5AI score0.00811EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:47 p.m.3 views

Security Bulletin: Vulnerability in fast-xml-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in fast-xml-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

7.5CVSS5.8AI score0.00811EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:11 p.m.3 views

Security Bulletin: Vulnerability in fast-xml-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in fast-xml-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

7.5CVSS7.1AI score0.00478EPSS
Exploits0Affected Software2
OSV
OSV
added 2026/06/04 7:42 p.m.7 views

ROOT-APP-NPM-CVE-2026-25128 CVE-2026-25128 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-25128 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.4AI score0.00559EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 8:32 a.m.13 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to node module fast-xml-parser

Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to multiple vulnerabilities due to node module fast-xml-parser Vulnerability Details CVEID:CVE-2026-27942 DESCRIPTION:...

7.5CVSS5.8AI score0.00576EPSS
Exploits2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/18 2:27 p.m.12 views

CVE-2026-41650

A flaw was found in fast-xml-parser. The XMLBuilder component does not properly escape specific sequences "--" in comments and "" in CDATA sections when constructing XML from JavaScript objects. This vulnerability allows an attacker to perform XML injection if user-controlled data is processed...

6.1CVSS5.7AI score0.00238EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-41650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the --...

6.1CVSS6.2AI score0.00238EPSS
Exploits1References3
NVD
NVD
added 2026/05/07 3:16 p.m.16 views

CVE-2026-41650

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

6.1CVSS0.00238EPSS
Exploits1References2
OSV
OSV
added 2026/05/07 3:16 p.m.12 views

DEBIAN-CVE-2026-41650

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

6.1CVSS5.7AI score0.00238EPSS
Exploits1References1
OSV
OSV
added 2026/05/07 3:16 p.m.6 views

UBUNTU-CVE-2026-41650

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

6.1CVSS5.7AI score0.00238EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/05/07 3:16 p.m.9 views

CVE-2026-41650

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

6.1CVSS5.8AI score0.00238EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/07 1:36 p.m.40 views

CVE-2026-41650 fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

6.1CVSS0.00238EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 1:36 p.m.8 views

CVE-2026-41650

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

6.1CVSS5.7AI score0.00238EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/30 11:40 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses fast-xml-parser-5.5.5.tgz and requests-2.32.5-py3-none-any.whl, which are vulnerable to CVE-2026-33349 and CVE-2026-25645.

Summary IBM Maximo Application Suite uses fast-xml-parser-5.5.5.tgz and requests-2.32.5-py3-none-any.whl, which are vulnerable to CVE-2026-33349 and CVE-2026-25645. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-25645...

5.9CVSS4.7AI score0.00449EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/27 7:43 a.m.12 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses mlflow-3.1.0-py3-none-any.whl, fast-xml-parser-4.5.3.tgz, nltk-3.9.1-py3-none-any.whl, tar-7.4.3.tgz, tar-7.5.9.tgz, PyJWT-2.10.1-py3-none-any.whl, pyasn1-0.6.2-py3-none-any.whl, fast-xml-parser-5.3.6.tgz, jackson-core-2.19.4.jar,...

8.8CVSS7.8AI score0.01682EPSS
Exploits10Affected Software1
Rows per page
Query Builder