Lucene search
+L

55 matches found

cve
cve
added 2026/06/25 11:23 p.m.21 views

CVE-2026-12993

Affected software: Apicurio Registry. Vulnerability: DocumentBuilderAccessor does not disable DOCTYPE declarations or enable FEATURE_SECURE_PROCESSING, allowing an attacker with artifact-write permission to upload XML documents containing internal entity-expansion payloads (billion-laughs) that c...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References2Affected Software1
susecve
susecve
added 2026/04/25 1:43 a.m.6 views

SUSE CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

6.5CVSS5.5AI score0.00632EPSS
Exploits1References4
euvd
euvd
added 2026/04/24 12:31 a.m.6 views

EUVD-2026-25346

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

6.5CVSS5.7AI score0.00632EPSS
Exploits1References5
nvd
nvd
added 2026/04/23 11:16 p.m.7 views

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5CVSS0.00632EPSS
Exploits1References5
osv
osv
added 2026/04/23 11:16 p.m.8 views

ALPINE-CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5CVSS5.7AI score0.00632EPSS
Exploits1References1
osv
osv
added 2026/04/23 11:16 p.m.5 views

DEBIAN-CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5CVSS5.4AI score0.00632EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/04/23 10:19 p.m.12 views

CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

6.5CVSS5.5AI score0.00632EPSS
Exploits1References5
attackerkb
attackerkb
added 2026/04/23 10:19 p.m.6 views

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

6.5CVSS5.7AI score0.00632EPSS
Exploits1References6
cve
cve
added 2026/04/23 10:19 p.m.50 views

CVE-2026-6732

CVE-2026-6732 affects libxml2 and is triggered when parsing an XSD-validated document that contains an internal entity reference, causing a type confusion error and a DoS via crashes. The vulnerability is tied to how libxml2 processes crafted XML Schema Definition inputs, with the impact describe...

7.5CVSS5.7AI score0.00632EPSS
Exploits1References5Affected Software1
debiancve
debiancve
added 2026/04/23 10:19 p.m.8 views

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5CVSS5.4AI score0.00632EPSS
Exploits1
osv
osv
added 2026/04/23 10:19 p.m.3 views

CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

6.5CVSS5.9AI score0.00632EPSS
Exploits1References10
cvelist
cvelist
added 2026/04/23 10:19 p.m.61 views

CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

6.5CVSS0.00632EPSS
Exploits1References5
alpinelinux
alpinelinux
added 2026/04/23 10:19 p.m.9 views

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5CVSS5.7AI score0.00632EPSS
Exploits1
redhatcve
redhatcve
added 2026/04/23 10:14 p.m.10 views

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5CVSS5.7AI score0.00632EPSS
Exploits1References5
nessus
nessus
added 2026/04/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-6732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes...

7.5CVSS6AI score0.00632EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/04/23 12:0 a.m.6 views

PT-2026-34793

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description A flaw exists when the library processes a specially crafted XML Schema Definition XSD validated document containing an internal entity reference. An attacker can provide a malicious document...

7.5CVSS5.8AI score0.00632EPSS
Exploits1References34
packetstorm
packetstorm
added 2026/02/27 12:0 a.m.181 views

📄 fast-xml-parser 5.3.5 Denial of Service

A denial of service vulnerability was identified in fast-xml-parser affecting versions 4.1.3 through 5.3.5. The issue arises from improper handling of XML Document Type Definitions DTD, specifically when processing internal entity expansion. An attacker can supply a crafted XML payload containing...

5.9AI score
Exploits0
redhat
redhat
added 2025/12/09 8:32 a.m.15 views

Important: Red Hat Security Advisory: expat security update

An update for expat is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS7.4AI score0.20093EPSS
Exploits8References19
redhat
redhat
added 2025/12/09 7:23 a.m.5 views

expat: internal entity expansion

expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XMLSetEntityDeclHandler function, which allows remote attackers to cause a denial of service resource consumption, send HTTP requests to intranet servers, or read arbitrary files via a...

6.8CVSS7.5AI score0.20093EPSS
Exploits1References4
nessus
nessus
added 2025/12/09 12:0 a.m.5 views

RHEL 8 : expat (RHSA-2025:22842)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:22842 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: internal entity expansion CVE-2013-0340 expat: integer overflow in t...

7.5CVSS7.6AI score0.20093EPSS
Exploits2References10
Rows per page
Query Builder