PT-2026-25632 · Libexpat+2

Sebastian Pipping · Published 2026-01-01 · Updated 2026-06-05 · CVE-2026-32778

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: libexpat versions prior to 2.7.5

Description: The software contains a flaw where a NULL pointer dereference can occur within the setContext function when retrying an operation after a previous out-of-memory condition.

Recommendations: Update libexpat to version 2.7.5 or later.

Fix

RCE

DoS

NULL Pointer Dereference

Weakness Enumeration

Related identifiers

BDU:2026-07335
CVE-2026-32778
ECHO-3AF7-0BD3-2A49
MGASA-2026-0061
OPENSUSE-SU-2026:10466-1
OPENSUSE-SU-2026:10620-1
OPENSUSE-SU-2026:10642-1
OPENSUSE-SU-2026:20448-1
OPENSUSE-SU-2026:20674-1
OPENSUSE-SU-2026:20769-1
SUSE-SU-2026:1137-1
SUSE-SU-2026:1159-1
SUSE-SU-2026:1166-1
SUSE-SU-2026:1352-1
SUSE-SU-2026:1742-1
SUSE-SU-2026:1817-1
SUSE-SU-2026:1870-1
SUSE-SU-2026:1956-1
SUSE-SU-2026:20963-1
SUSE-SU-2026:20985-1
SUSE-SU-2026:21031-1
SUSE-SU-2026:21062-1
SUSE-SU-2026:21545-1

Affected products

IBM AIX
RED OS
Libexpat