PatchSiren cyber security CVE debrief
CVE-2026-0992 Red Hat CVE debrief
CVE-2026-0992 is a low-severity vulnerability in the libxml2 library. A remote attacker can exploit it by supplying crafted catalogs that cause the parser to traverse catalog chains redundantly, consuming excessive CPU and degrading application availability, which results in a denial-of-service condition. The vulnerability has a CVSS score of 2.9 and is classified as LOW. The CVE was published on January 15, 2026, and last modified on June 29, 2026. The vendor is listed as Unknown Vendor, but the evidence suggests a potential connection to Red Hat. Defensive actions are necessary to mitigate this vulnerability.
- Vendor: Red Hat
- Product: Red Hat Hardened Images
- CVSS: LOW 2.9
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-15
- Original CVE updated: 2026-06-29
- Advisory published: 2026-01-15
- Advisory updated: 2026-06-29
Who should care
Organizations using the libxml2 library should prioritize patching this vulnerability to prevent potential denial-of-service attacks. Red Hat users may be particularly affected, as the evidence suggests. Security teams should assess their inventory and apply the necessary updates.
Technical summary
The libxml2 library is vulnerable to uncontrolled resource consumption when processing XML catalogs that contain repeated <nextCatalog> elements pointing to the same downstream catalog. The parser follows each of these references, traversing the catalog chain redundantly, which leads to excessive CPU consumption and degraded application availability. The condition is triggered by supplying crafted catalogs, allowing an attacker to cause a denial of service. The CVSS vector is CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L, indicating low severity. The weakness is classified as CWE-400 (Uncontrolled Resource Consumption).
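To make the mechanism concrete, here is an added Python example (not from the advisory, Red Hat or libxml2) that models a resolver following nextCatalog references over a constructed three-file catalog chain: it counts catalog loads with and without a visited set, and includes a simple pre-flight check that flags catalogs listing the same downstream target more than once. The resolver model, file names and catalog contents are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

CAT_NS = "{urn:oasis:names:tc:entity:xmlns:xml:catalog}"

# Constructed sample: each catalog names the same downstream catalog three times,
# the repeated-<nextCatalog> shape described in the technical summary.
CATALOGS = {
    "root.xml": (
        '<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">'
        '<nextCatalog catalog="mid.xml"/><nextCatalog catalog="mid.xml"/>'
        '<nextCatalog catalog="mid.xml"/></catalog>'
    ),
    "mid.xml": (
        '<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">'
        '<nextCatalog catalog="leaf.xml"/><nextCatalog catalog="leaf.xml"/>'
        '<nextCatalog catalog="leaf.xml"/></catalog>'
    ),
    "leaf.xml": (
        '<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">'
        '<public publicId="-//EXAMPLE//DTD Sample//EN" uri="sample.dtd"/></catalog>'
    ),
}

def next_catalogs(name):
    """Targets of every <nextCatalog> in one catalog, in document order (duplicates kept)."""
    root = ET.fromstring(CATALOGS[name])
    return [el.get("catalog") for el in root.iter(CAT_NS + "nextCatalog")]

def count_loads(name, dedupe, seen=None, path=()):
    """Model of a resolver walking the chain: return how many catalog loads it performs.
    dedupe=False follows every reference (only a path check guards against cycles), so
    repeated targets are re-walked; dedupe=True loads each catalog once via a visited set."""
    if seen is None:
        seen = set()
    if name in path or (dedupe and name in seen):
        return 0
    seen.add(name)
    loads = 1
    for target in next_catalogs(name):
        loads += count_loads(target, dedupe, seen, path + (name,))
    return loads

def duplicate_targets(name):
    """Pre-flight check for catalog files: targets listed more than once in one catalog."""
    targets = next_catalogs(name)
    return {t: targets.count(t) for t in set(targets) if targets.count(t) > 1}

if __name__ == "__main__":
    for cat in CATALOGS:
        print(cat, "duplicate nextCatalog targets:", duplicate_targets(cat))
    print("loads without dedupe:", count_loads("root.xml", dedupe=False))  # 13
    print("loads with dedupe:", count_loads("root.xml", dedupe=True))      # 3
```

Fan-out of three at two levels already turns three distinct catalogs into thirteen loads; deeper chains grow geometrically, which is the CPU-exhaustion behaviour the summary describes.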
Defensive priority
Apply patches or updates to the libxml2 library to prevent exploitation. Assess inventory and prioritize patching for Red Hat users.
Recommended defensive actions
- Apply patches or updates to the libxml2 library
- Assess inventory and prioritize patching for Red Hat users
- Monitor for suspicious XML catalog activity
- Implement compensating controls to limit exposure
- Track exception and update workflows
Evidence notes
The CVE record and NVD detail provide the official information on the vulnerability. Red Hat references suggest a potential connection to Red Hat products. The Bugzilla issue and GitLab issue provide additional context on the vulnerability.
Official resources
This article is AI-assisted and based on the supplied source corpus.