PatchSiren

libexpat project CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM libexpat project CVE published 2026-06-21

CVE-2026-56411

CVE-2026-56411 is a medium-severity vulnerability (CVSS score of 6.9) affecting libexpat before version 2.8.2. The issue is an integer overflow in the endDoctypeDecl function, which occurs via NOTATION declarations. This vulnerability could potentially allow local attackers with specific conditions to execute arbitrary code. The disclosure date is June 21, 2026, and defenders should prioritize patching or [truncated]

MEDIUM libexpat project CVE published 2026-06-21

CVE-2026-56410

CVE-2026-56410 is an integer overflow vulnerability in xmlwf in libexpat before 2.8.2. The vulnerability has a CVSS score of 6.9 and is classified as MEDIUM. This issue affects systems using xmlwf, particularly in parsing XML content. The vulnerability's impact is localized, requiring local access and specific conditions to be exploited, but it can lead to high impacts on confidentiality, integrity, and l [truncated]

MEDIUM libexpat project CVE published 2026-06-21

CVE-2026-56409

CVE-2026-56409 is a MEDIUM severity vulnerability in libexpat before 2.8.2. The issue involves an integer overflow in the xmlwf utility when the -d outputDir option is used. This vulnerability could potentially allow local attackers with specific conditions to cause high impact on confidentiality and integrity, and low impact on availability. The CVSS score is 6.5. The vulnerability was published on June [truncated]

MEDIUM libexpat project CVE published 2026-06-21

CVE-2026-56408

CVE-2026-56408 is a medium-severity integer overflow vulnerability in libexpat before 2.8.2. The issue arises in the copyString function. Affected systems may face local attacks with high complexity, requiring no privileges or user interaction. Successful exploitation could lead to high impact on confidentiality and integrity, and low impact on availability. Defenders should assess their exposure, focusing [truncated]

MEDIUM libexpat project CVE published 2026-06-21

CVE-2026-56407

CVE-2026-56407 is a medium-severity vulnerability in libexpat before 2.8.2. The issue is an integer overflow in doProlog related to storeEntityValue and entity textLen. This vulnerability has a CVSS score of 6.9. Affected systems may face potential risks if the library is used in a manner that allows an attacker to trigger the overflow. The priority posture for this vulnerability is medium, given its pote [truncated]

MEDIUM libexpat project CVE published 2026-06-21

CVE-2026-56406

CVE-2026-56406 is an integer overflow vulnerability in libexpat before 2.8.2. The vulnerability occurs in the XML_ParseBuffer function, which lacked a check present in XML_Parse. This CVE has a CVSS score of 6.9 and a MEDIUM severity. Affected systems may be vulnerable to potential attacks if they use the vulnerable version of libexpat. The priority posture for this CVE is MEDIUM.

MEDIUM libexpat project CVE published 2026-06-21

CVE-2026-56403

CVE-2026-56403 is a medium-severity vulnerability in libexpat before version 2.8.2. The issue is an integer overflow in the storeAtts function. This vulnerability has a CVSS score of 6.9. Affected systems and applications using libexpat versions prior to 2.8.2 are at risk. The vulnerability was published on June 21, 2026, and no later modification was recorded that day. The primary concern for de [truncated]

MEDIUM libexpat project CVE published 2026-05-26

CVE-2026-32778

CVE-2026-32778 is a medium-severity vulnerability in Hitachi Energy's RTU500 series CMU Firmware. The vulnerability is caused by a NULL pointer dereference in the function setContext on retry after an earlier out-of-memory condition in libexpat before 2.7.5. This results in a Denial of Service impact. The product is only affected if IEC 61850 functionality is configured. According to the CISA advisory, IC [truncated]

MEDIUM libexpat project CVE published 2026-05-26

CVE-2026-32777

CVE-2026-32777 is a medium-severity vulnerability in libexpat before version 2.7.5, which allows an infinite loop while parsing DTD content, causing a Denial of Service impact. The vulnerability affects Hitachi Energy's RTU500 series CMU Firmware if IEC 61850 functionality is configured. The vulnerability was published on May 26, 2026, and modified on June 4, 2026. The CVSS score is 5.5, and the severity is MEDIUM.

LOW libexpat project CVE published 2026-05-10

CVE-2026-45186

CVE-2026-45186 is a low-severity denial-of-service issue in libexpat before 2.8.1. According to the CVE description, the problem is a computational-complexity weakness in attribute name collision checks, which can let crafted XML input consume excessive processing time and disrupt availability.

LOW libexpat project CVE published 2026-04-16

CVE-2026-41080

CVE-2026-41080 is a vulnerability in libexpat, a popular XML parsing library. The issue arises from the library's use of insufficient entropy, making it vulnerable to hash flooding attacks via crafted XML documents. This CVE was published on 2026-04-16 and modified on 2026-06-12.