PT-2026-25630 · Libexpat+2 · Libexpat+2

Hartwork

Published

2026-01-01

Updated

2026-05-26

CVE-2026-32776

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.7.5

Description The software contains a flaw where a NULL pointer dereference can occur when processing empty external parameter entity content.

Recommendations Update to version 2.7.5 or later.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2026-07341

CVE-2026-32776

ECHO-FC31-9C00-0D53

MGASA-2026-0061

OESA-2026-1736

OESA-2026-1882

OESA-2026-1883

OESA-2026-1884

OESA-2026-1885

OESA-2026-1886

OPENSUSE-SU-2026:10466-1

OPENSUSE-SU-2026:10620-1

OPENSUSE-SU-2026:10642-1

OPENSUSE-SU-2026:20448-1

OPENSUSE-SU-2026:20674-1

OPENSUSE-SU-2026:20769-1

SUSE-SU-2026:1137-1

SUSE-SU-2026:1159-1

SUSE-SU-2026:1166-1

SUSE-SU-2026:1352-1

SUSE-SU-2026:1742-1

SUSE-SU-2026:1817-1

SUSE-SU-2026:1870-1

SUSE-SU-2026:1956-1

SUSE-SU-2026:20963-1

SUSE-SU-2026:20985-1

SUSE-SU-2026:21031-1

SUSE-SU-2026:21062-1

SUSE-SU-2026:21545-1

Affected Products

Ibm Aix

Red Os

Libexpat

CVE-2026-32776

Weakness Enumeration

Related Identifiers

Affected Products

References · 71