CVE-2026-27942
CVE-2026-27942 affects fast-xml-parser. Before 5.3.8, XMLBuilder with preserveOrder: true can crash with a stack overflow. The issue is fixed in 5.3.8. Workarounds include building XML with preserveOrder: false or validating input data before passing to the builder. Connected sources also referen...