CVE-2026-31248
Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks through 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...
CVE-2026-31247
Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks through 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...
CVE-2026-31248
CVE-2026-31248 affects Docling's METS GBS backend up to version 2.61.0. The backend parses XML from .tar.gz archives using etree.fromstring() without disabling entity resolution, enabling XML Entity Expansion (XXE) via nested entity definitions (XML Bomb). Processing such a crafted XML can cause ...
EUVD-2016-9123
Malware in sbrugna...
EUVD-2021-7882
Malicious code in bioql PyPI...
defusedxml
This is a Python library called defusedxml, which is designed to prevent XML bomb denial of service DoS vulnerabilities. The library provides a facade for the standard library's xml.etree.ElementTree module, which is vulnerable to XML bombs. The defusedxml library defuses XML bombs by preventing...
defusedxml
This is a Python library called defusedxml, which is designed to prevent XML bomb denial of service DoS vulnerabilities. The library provides a facade for the xml.etree.ElementTree module, which is a built-in Python module for parsing and creating XML documents. The library is maintained by...
[updated] Vibrator virus steals your personal information
I know that some of you are expecting a post similar to that about a toothbrush botnet, but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a...
Typecho Security Vulnerability
Typecho is a simple and powerful PHP blogging platform for individual developers. Typecho v1.2.1 contains a security vulnerability in the /index.php/action/xmlrpc component. Attackers can use the vulnerability for XML secondar...
GHSA-JQ2W-W7V2-69Q5 Apache Solr vulnerable to XML Bomb
Solr versions prior to 5.0.0 are vulnerable to an XML resource consumption attack a.k.a. Lol Bomb via its update handler. By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML causing OOMs...
Apache Solr vulnerable to XML Bomb
Solr versions prior to 5.0.0 are vulnerable to an XML resource consumption attack a.k.a. Lol Bomb via its update handler. By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML causing OOMs...
IBM Cognos Analytics Denial of Service Vulnerability (CNVD-2022-34805)
IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards and scorecards, and can help companies adjust their decisions by analyzing content such as key factors and key people. IBM Cognos Analytics has a denial-of-service...
CVE-2021-20464
IBM Cognos Analytics PowerPlay IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could be vulnerable to an XML Bomb attack by a malicious authenticated user. IBM X-Force ID: 196813...
Code injection
IBM Cognos Analytics PowerPlay IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could be vulnerable to an XML Bomb attack by a malicious authenticated user. IBM X-Force ID: 196813...
CVE-2021-20464
CVE-2021-20464 affects IBM Cognos Analytics PowerPlay (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7). A malicious authenticated user could trigger an XML Bomb attack, leading to a denial of service of the affected PowerPlay component. Connected sources confirm impacted product lines and the XM...
Inline DTD allows XML bomb attack
The SweetXml aka sweetxml package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service resource consumption via an XML entity expansion attack with an inline DTD...
GHSA-QPMC-WPRV-X746 Inline DTD allows XML bomb attack
The SweetXml aka sweetxml package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service resource consumption via an XML entity expansion attack with an inline DTD...