141 matches found
BIT-JAVA-MIN-2025-32415
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
PT-2026-38030
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be...
PT-2026-37837
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
PT-2026-38044
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
ALPINE-CVE-2026-6732
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...
CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...
CVE-2026-6732
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...
CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...
CVE-2026-6732
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...
CVE-2026-6732
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...
PT-2026-34793
Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description A flaw exists when the library processes a specially crafted XML Schema Definition XSD validated document containing an internal entity reference. An attacker can provide a malicious document...
libxml2 安全漏洞
Libxml2 is an open-source library from GNOME that is used for parsing XML documents. It is written in C language and can be called by various languages, such as C, C++, and XSH. Libxml2 has a security vulnerability that arises from type confusion errors when processing specially crafted XML Schem...
Linux Distros Unpatched Vulnerability : CVE-2026-6732
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes...
Access of Resource Using Incompatible Type ('Type Confusion')
Overview Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' while handling a specially crafted XML Schema Definition XSD validated document containing an internal entity reference. An attacker can cause the application to crash by...
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak...
EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2026-1001)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2...
MAL-2025-139868 Malicious code in babel-pegasus-xml-schema (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c99cfe63d56d39e7c66715a4797bb30032ba8dd6254bdf514d52cf979e3706c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in babel-pegasus-xml-schema (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c99cfe63d56d39e7c66715a4797bb30032ba8dd6254bdf514d52cf979e3706c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-116234
Malicious code in babel-pegasus-xml-schema npm...
[SECURITY] Fedora 42 Update: qt5-qtxmlpatterns-5.15.18-1.fc42
The Qt XML Patterns module provides support for XPath, XQuery, XSLT, and XML Schema validation...