CVE-2026-49235 Routinator crashes on specifically crafted RRDP XML files

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...

SUSE CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

SUSE CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

Exploit for CVE-2019-5513

VMware Horizon /broker/xml Vulnerability Scanner !Security...

RHEL 10 : expat (RHSA-2026:22715)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22715 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

RHEL 8 : expat (RHSA-2026:22721)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22721 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

RHEL 9 : expat (RHSA-2026:23230)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23230 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

expat security update

An update is available for expat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Expat is a C library for parsing XML documents. Security Fixes: libexpat: deni...

RLSA-2026:23230 Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

expat security update

An update is available for expat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Expat is a C library for parsing XML documents. Security Fixes: libexpat: denia...

RLSA-2026:22721 Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

EUVD-2026-34657

Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted XML file. Chromium security severity: Medium...

EUVD-2026-34630

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

EUVD-2026-34484

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

EUVD-2026-34469

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-11169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML...

Linux Distros Unpatched Vulnerability : CVE-2026-11020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file...

RockyLinux 10 : expat (RLSA-2026:22715)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22715 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the RockyLinux security...

MiracleLinux 8 : expat-2.5.0-2.el8_10 (AXSA:2026-758:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-758:06 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVE-2026-11196

Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted XML file. Chromium security severity: Medium...