Siemens RuggedCom Rox Uncontrolled Recursion (CVE-2025-9714)

Uncontrolled recursion inXPath evaluationin libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

RHSA-2026:26354 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

Low: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

TencentOS Server 2: libxml2 (TSSA-2026:0497)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0497 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

[SECURITY] [DLA 4622-1] libxml2 security update

Debian LTS Advisory DLA-4622-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 08, 2026 https://wiki.debian.org/LTS Package : libxml2 Version : 2.9.10+dfsg-6.7+deb11u10 CVE ID : CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 Debian Bug :...

Debian dla-4622 : libxml2 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4622 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4622-1 [email protected]...

EulerOS Virtualization 2.13.1 : libxml2 (EulerOS-SA-2026-2139)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for use...

EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2026-2028)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not...

EulerOS Virtualization 2.12.1 : libxml2 (EulerOS-SA-2026-2081)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveU...

EulerOS Virtualization 2.13.0 : libxml2 (EulerOS-SA-2026-2178)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for use...

RHEL 7 : libxml2 (RHSA-2026:22420)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22420 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite...

AIX : Multiple Vulnerabilities (IJ58306)

The version of AIX installed on the remote host is prior to APAR IJ58306. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58306 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

AIX : Multiple Vulnerabilities (IJ58122)

The version of AIX installed on the remote host is prior to APAR IJ58122. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58122 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

AIX : Multiple Vulnerabilities (IJ58124)

The version of AIX installed on the remote host is prior to APAR IJ58124. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58124 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

php: denial of service via DOMNode::C14N()

A flaw was found in PHP. The DOMNode::C14N method may incorrectly process XML data due to the improper removal of an xmlns attribute from the underlying libxml2 data structure, corrupting the linked list representing the XML document and causing an infinite loop. This issue can lead to excessive...

RHSA-2026:22420 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Advisory ROSA-SA-2026-3300

CVE-ID: CVE-2025-11731 BDU-ID: 2026-02739 CVE-Crit: LOW CVE-DESCRIPTION: The vulnerability in the exsltFuncResultComp function of the functions.c component in the Libxslt XML analysis library is related to data type conversion errors. Exploitation of this vulnerability may allow an attacker to...