EulerOS 2.0 SP13 : expat (EulerOS-SA-2026-2328)

According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.CVE-2026-32778...

EulerOS Virtualization 2.12.0 : expat (EulerOS-SA-2026-2098)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...

RHEL 8 : expat (RHSA-2026:22721)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22721 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

EulerOS Virtualization 2.12.1 : expat (EulerOS-SA-2026-2073)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...

RHEL 9 : expat (RHSA-2026:23230)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23230 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

EulerOS Virtualization 2.13.0 : expat (EulerOS-SA-2026-2163)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...

MiracleLinux 8 : expat-2.5.0-2.el8_10 (AXSA:2026-758:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-758:06 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the MiracleLinux security...

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

USN-8313-1 xmlrpc-c vulnerabilities

It was discovered that Expat, vendored in XML-RPC, incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

ALSA-2026:19064 Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Slackware Linux 15.0 / current expat Vulnerability (SSA:2026-132-01)

The version of expat installed on the remote host is prior to 2.7.5 / 2.8.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-132-01 advisory. New expat packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

CVE-2026-7210

CVE-2026-7210 affects the Python ecosystem’s XML parsers: xml.parsers.expat and xml.etree.ElementTree. The root cause is insufficient entropy in Expat hash-flooding protection, which can be exploited by a crafted XML document to trigger hash collisions. Consequences are severe across affected com...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017357)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017357 advisory. lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity Linux...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017351 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too fe...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017379)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017379 advisory. xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. Tenable has extracted the preceding...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017370)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017370 advisory. In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. Tenable has extracted the preceding description block directly from the Unity Linu...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017361 advisory. nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017359 advisory. addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017374)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017374 advisory. Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. Tenable has extracted the preceding...