2 matches found
CVE-2026-27942
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...
CVE-2025-68493
CVE-2025-68493 describes a Missing XML Validation vulnerability in Apache Struts (affecting 2.0.0–2.2.1, 2.2.1–6.1.0; fixed in 6.1.1). A connected exploit resource provides a PoC targeting the XXE weakness in XWork, including a read-file payload (e.g., /etc/passwd) via the vulnerable XML parsing ...