PT-2026-28438

Name of the Vulnerable Software and Affected Versions versions prior to 2026-32287 Description Boolean XPath expressions that evaluate to true can cause an infinite loop within the logicalQuery.Select function, resulting in 100% CPU utilization. This condition can be initiated by top-level...

PT-2026-26093

Name of the Vulnerable Software and Affected Versions UltraJSON versions 5.10 through 5.11.0 Description UltraJSON, a fast JSON encoder and decoder written in C, is susceptible to a buffer overflow or infinite loop when processing large indent values. Specifically, the ujson.dumps function can...

ROS-20260317-73-0026

A vulnerability in the mptcpdofallback function of the mptcp component of the mptcp component of the Linux operating system kernel involves an infinite loop. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

GHSA-4W98-XF39-23GP Loop with Unreachable Exit Condition ('Infinite Loop') in ewe

Summary ewe's handletrailers function contains a bug where rejected trailer headers forbidden or undeclared cause an infinite loop. The function recurses with the original unparsed buffer instead of advancing past the rejected header, re-parsing the same header forever. Each malicious request...

Loop with Unreachable Exit Condition ('Infinite Loop') in ewe

Summary ewe's handletrailers function contains a bug where rejected trailer headers forbidden or undeclared cause an infinite loop. The function recurses with the original unparsed buffer instead of advancing past the rejected header, re-parsing the same header forever. Each malicious request...

SUSE CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

EUVD-2026-12349

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-4179

Issues in stm32 USB device driver drivers/usb/device/usbdcstm32.c can lead to an infinite while loop...

ALPINE-CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

UBUNTU-CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-32777

A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted Document Type Definition DTD content. This could lead to an infinite loop during parsing, resulting in a Denial of Service DoS for the application using libexpat...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in the DTD parsing process. An attacker can cause the application to enter an infinite loop by providing specially crafted DTD content. Remediation Upgrade expat to version 2.7.5 or higher. References - GitHub Commit -...

CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-32777

CVE-2026-32777 affects libexpat prior to 2.7.5, where parsing DTD content can trigger an infinite loop. This behavior can cause a denial of service if a system processes crafted DTDs. The available connected documents confirm the issue and its relation to libexpat’s DTD parsing loop, with no expl...

CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...

CVE-2026-32777

libexpat before 2.7.5 allows an infinite loop while parsing DTD content...