libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

Linux Distros Unpatched Vulnerability : CVE-2026-6653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via...

Astra Linux – Vulnerability in libxml2

The parser.c file in libxml2 before version 2.9.5 does not prevent infinite recursion in parameter entities...

TencentOS Server 2: libxml2 (TSSA-2026:0497)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0497 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

AIX : Multiple Vulnerabilities (IJ58306)

The version of AIX installed on the remote host is prior to APAR IJ58306. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58306 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

Security Bulletin: Vulnerabilities in libxml2 (CVE-2026-0989, CVE-2026-0990, CVE-2026-0992) affect AIX

Summary Vulnerabilities in libxml2 could cause a denial of service CVE-2026-0989, CVE-2026-0990, CVE-2026-0992. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2026-6732 DESCRIPTION: A flaw was found in libxml2. This vulnerability occurs when the library...

Astra Linux - уязвимость в libxml2

The vulnerability of the xmlFAParseCharClassEsc function in the xmlregexp.c component of the Libxml2 library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в libxml2

Possible cross-site scripting vulnerability in libxml after commit 960f0e2...

Alibaba Cloud Linux 3 : 0104: libxml2 (ALINUX3-SA-2026:0104)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0104 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-9714: Uncontrolled recursion inXPath...

RHEL 8 : libxml2 (RHSA-2026:15967)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:15967 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite...

PT-2026-38850

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c...

JLSEC-2026-468

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...

Astra Linux – Vulnerability in libxml2

The vulnerability of the xmlMemStrdup function in the Libxml2 library is related to pointer manipulation errors. Exploiting this vulnerability allows an attacker to cause a service failure...

ALPINE-CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

📄 Pachno 1.0.6 Wiki TextParser XML Injection

Pachno version 1.0.6 suffers from an XML eXternal Entity XXE vulnerability in the wiki textparser. Pachno 1.0.6 Wiki TextParser XXE Vulnerability Vendor: Daniel André Eikeland Product web page: https://github.com/pachno/pachno Affected version: 1.0.6 Summary: Pachno is an open-source collaboratio...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2026-1442)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2026-1252)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20260310-73-0028

Vulnerability in libxml2 related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260310-73-0029

Vulnerability in libxml2 related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)

Summary DS8900F and DS8A00 updates have been released to remediate following vulnerabilities: Linux vulnerabilities in libraries such as bzip2, nghttp2, libxml2, unbound, libsoup, pam, sudo, java, openssh, glib2, expat, httpd, and linux-firmware. Safe Guarded Copy vulnerability within the...