Lucene search
+L

1296 matches found

osv
osv
added 2026/06/21 4:16 p.m.5 views

UBUNTU-CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS5.8AI score0.0011EPSS
Exploits0References3
euvd
euvd
added 2026/06/21 3:58 p.m.12 views

EUVD-2026-38189

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

5.9CVSS5.8AI score0.00218EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/21 3:58 p.m.4 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

4.9CVSS5.8AI score0.00105EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/21 3:58 p.m.6 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

5.9CVSS5.8AI score0.00105EPSS
Exploits0
cvelist
cvelist
added 2026/06/21 3:58 p.m.33 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

4.9CVSS0.00105EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2026/06/21 3:58 p.m.5 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

5.9CVSS5.8AI score0.00105EPSS
Exploits0
debiancve
debiancve
added 2026/06/21 3:56 p.m.5 views

CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9CVSS5.9AI score0.0011EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/21 3:56 p.m.4 views

CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9CVSS5.9AI score0.0011EPSS
Exploits0References2
cve
cve
added 2026/06/21 3:56 p.m.37 views

CVE-2026-56411

CVE-2026-56411 affects libexpat’s xmlwf binary, with an integer overflow in endDoctypeDecl triggered by NOTATION declarations prior to version 2.8.2. The CVSS metrics indicate a Local attack vector, high confidentiality and integrity impact, and low availability impact, with no user interaction r...

6.9CVSS5.9AI score0.0011EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/06/21 3:56 p.m.38 views

CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9CVSS0.0011EPSS
Exploits0References1
osv
osv
added 2026/06/21 3:55 p.m.4 views

CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS6AI score0.0011EPSS
Exploits0References3
debiancve
debiancve
added 2026/06/21 3:55 p.m.6 views

CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS5.9AI score0.0011EPSS
Exploits0
euvd
euvd
added 2026/06/21 3:55 p.m.11 views

EUVD-2026-38187

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS5.9AI score0.0011EPSS
Exploits0References1
cve
cve
added 2026/06/21 3:55 p.m.29 views

CVE-2026-56410

The vulnerability CVE-2026-56410 affects xmlwf in libexpat prior to 2.8.2, due to an integer overflow in resolveSystemId. Impact is indicated as high for confidentiality and integrity, with low availability impact; attack vector is local and no user interaction is required. Remedy: upgrade to lib...

6.9CVSS5.9AI score0.0011EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/06/21 3:55 p.m.33 views

CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS0.0011EPSS
Exploits0References1
osv
osv
added 2026/06/21 3:52 p.m.1 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS6AI score0.00098EPSS
Exploits0References3
euvd
euvd
added 2026/06/21 3:52 p.m.10 views

EUVD-2026-38186

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS5.9AI score0.00098EPSS
Exploits0References1
cve
cve
added 2026/06/21 3:52 p.m.22 views

CVE-2026-56409

CVE-2026-56409 affects xmlwf in libexpat prior to 2.8.2. An integer overflow occurs in the output filename when -d outputDir is used. The CVSS 3.1 vector (LOCAL, HIGH complexity, NO privileges, user interaction required) indicates a local impact with confidentiality/ integrity impact HIGH and ava...

6.5CVSS5.9AI score0.00098EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/06/21 3:52 p.m.34 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS0.00098EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2026/06/21 3:52 p.m.8 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS5.8AI score0.00098EPSS
Exploits0
Rows per page
Query Builder