PT-2026-25331 · Debian+3 · Lexbor

Nikita Sveshnikov · Published 2026-01-01 · Updated 2026-03-13 · CVE-2026-29079

CVSS v4.0: 8.2 High

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions

Lexbor versions prior to 2.7.0

Description

Lexbor is a web browser engine library. A type-confusion issue exists in Lexbor’s HTML fragment parser. When ns is UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting the qualified name field. This corrupted value is later used as a pointer and dereferenced.

Recommendations

Update to Lexbor version 2.7.0 or later.
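
The bug class in the description, as an added example that is not Lexbor's code or its actual patch: a constructor dispatch that lets an undefined namespace override the comment tag, beside a corrected dispatch and a checked downcast that refuses to treat an element as a comment. All type and function names here are hypothetical, and the node layout is a simplified model.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical, simplified node model (NOT Lexbor's real structures). */
typedef enum { KIND_ELEMENT, KIND_COMMENT } kind_t;
typedef enum { NS_UNDEF, NS_HTML } ns_t;
typedef enum { TAG_COMMENT, TAG_DIV } tag_t;

typedef struct { kind_t kind; } node_t;                      /* shared header */
typedef struct { node_t node; const char *qualified_name; } element_t;
typedef struct { node_t node; char data[32]; size_t len; } comment_t;
typedef union  { node_t node; element_t el; comment_t cm; } storage_t;

/* Flawed dispatch as the advisory describes it: an undefined namespace
   falls through to the "unknown element" constructor, even for a comment. */
node_t *create_flawed(storage_t *s, tag_t tag, ns_t ns) {
    memset(s, 0, sizeof *s);
    if (ns == NS_UNDEF || tag != TAG_COMMENT) {
        s->el.node.kind = KIND_ELEMENT;
        s->el.qualified_name = "unknown";
    } else {
        s->cm.node.kind = KIND_COMMENT;
    }
    return &s->node;
}

/* One possible correction (an assumption, not the upstream fix):
   the tag decides the node kind, whatever the namespace is. */
node_t *create_fixed(storage_t *s, tag_t tag, ns_t ns) {
    (void)ns;
    memset(s, 0, sizeof *s);
    if (tag == TAG_COMMENT) s->cm.node.kind = KIND_COMMENT;
    else { s->el.node.kind = KIND_ELEMENT; s->el.qualified_name = "unknown"; }
    return &s->node;
}

/* Checked downcast: replaces a bare (comment_t *) cast on the node. */
comment_t *as_comment(node_t *n) {
    return (n && n->kind == KIND_COMMENT) ? (comment_t *)n : NULL;
}

/* Writes data only into a real comment; returns 0 on success, -1 otherwise. */
int set_comment_data(node_t *n, const char *text) {
    comment_t *c = as_comment(n);
    size_t len = text ? strlen(text) : 0;
    if (c == NULL || len >= sizeof c->data) return -1;
    memcpy(c->data, text, len + 1);
    c->len = len;
    return 0;
}
```

With the checked downcast in place, a node built by the flawed dispatch is rejected at write time, so the element's qualified name pointer is never overwritten with comment bytes.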

Exploit

Fix

Type Confusion

Weakness Enumeration

Related Identifiers

CVE-2026-29079
GHSA-MRPR-V36Q-2VP8

Affected Products

Lexbor