EUVD-2026-38186

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

EUVD-2025-120195

Malicious code in xml-tool-spectron-webdriver-antares npm...

The vulnerability of the HandleFileArg function in the XML data compression tool Xmill allows a attacker to execute arbitrary code.

The vulnerability of the HandleFileArgl function in the XML data compression tool Xmill is related to a memory boundary error during the processing of XML files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c

There's a flaw in libxml2's xmllint. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability...

Shibboleth for Windows Shibboleth Service Provider Shibboleth XMLTooling-C Information Disclosure Vulnerability

Shibboleth for Windows is an open source SAML based Web Single Sign-On system for Windows from Shibboleth, UK. Shibboleth Service Provider SP is one of the Service Provider components. Shibboleth Service Provider SP is one of the service provider component . Shibboleth XMLTooling-C is one of the...