CVE-2026-0992

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to...

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

CVE-2026-0990

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

CVE-2026-0990 Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

CVE-2026-0990 Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

EUVD-2026-2797

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

CVE-2026-0990

Vulnerability: CVE-2026-0990 affects libxml2. An uncontrolled recursion bug in xmlCatalogXMLResolveURI is triggered when a delegate URI entry references itself, allowing a remote attacker to craft an XML catalog that causes infinite recursion and stack exhaustion, resulting in DoS via application...

CVE-2026-0990

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

libxml2 security vulnerability

Libxml2 is an open-source library from GNOME that is used for parsing XML documents. It is written in C language and can be called by various languages, such as C, C++, and XSH. Libxml2 has a security vulnerability; this vulnerability stems from the RelaxNG parser’s failure to limit the depth of...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the RelaxNG schema inclusion process. An attacker can cause stack exhaustion and application crashes by supplying maliciously crafted or deeply nested schema files that trigger unbounded recursion during...

libxml2 resource management error vulnerability

Libxml2 is an open-source library from GNOME that is used for parsing XML documents. It is written in C language and can be called in various languages, such as C, C++, and XSH. Libxml2 has a resource management vulnerability that arises when processing XML directories containing elements with...

Linux Distros Unpatched Vulnerability : CVE-2026-0992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements...

Linux Distros Unpatched Vulnerability : CVE-2026-0989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion...

libxml2 security vulnerability

Libxml2 is an open-source library from GNOME that is used for parsing XML documents. It is written in C language and can be called in various languages, such as C, C++, and XSH. Libxml2 has a security vulnerability. This vulnerability stems from the xmlCatalogXMLResolveURI function, which allows...

Linux Distros Unpatched Vulnerability : CVE-2026-0990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalo...

MiracleLinux 4 : libxml2-2.7.6-8.3.0.1.AXS4 (AXSA:2012-976:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-976:01 advisory. This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes...

MiracleLinux 3 : libxml2-2.6.26-2.1.12.2.0.1.AXS3 (AXSA:2012-43:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-43:01 advisory. This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes...

MiracleLinux 3 : libxml2-2.6.26-2.1.15.5.0.1.AXS3 (AXSA:2012-929:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-929:03 advisory. This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes...

MiracleLinux 3 : libxml2-2.6.26-2.1.2.8.1AXS3 (AXSA:2009-377:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-377:01 advisory. This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes...

MiracleLinux 4 : libxslt-1.1.26-2.1.0.1.AXS4 (AXSA:2012-977:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-977:01 advisory. This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To...