PT-2026-25631 · Libexpat+2 · Libexpat+2

Hartwork

Published

2026-01-01

Updated

2026-05-26

CVE-2026-32777

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.7.5

Description The software contains a flaw where parsing DTD content can lead to an infinite loop.

Recommendations Update libexpat to version 2.7.5 or later.

Fix

DoS

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

BDU:2026-07264

CVE-2026-32777

ECHO-1645-A8DE-A79E

MGASA-2026-0061

OESA-2026-1736

OESA-2026-1882

OESA-2026-1883

OESA-2026-1884

OESA-2026-1885

OESA-2026-1886

OPENSUSE-SU-2026:10466-1

OPENSUSE-SU-2026:10620-1

OPENSUSE-SU-2026:10642-1

OPENSUSE-SU-2026:20448-1

OPENSUSE-SU-2026:20674-1

OPENSUSE-SU-2026:20769-1

SUSE-SU-2026:1137-1

SUSE-SU-2026:1159-1

SUSE-SU-2026:1166-1

SUSE-SU-2026:1352-1

SUSE-SU-2026:1742-1

SUSE-SU-2026:1817-1

SUSE-SU-2026:1870-1

SUSE-SU-2026:1956-1

SUSE-SU-2026:20963-1

SUSE-SU-2026:20985-1

SUSE-SU-2026:21031-1

SUSE-SU-2026:21062-1

SUSE-SU-2026:21545-1

Affected Products

Ibm Aix

Red Os

Libexpat

CVE-2026-32777

Weakness Enumeration

Related Identifiers

Affected Products

References · 73