PT-2026-39462 · Libexpat+1 · Libexpat+1

Hartwork

·

Published

2026-05-08

·

Updated

2026-06-25

·

CVE-2026-45186

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.1
Description The computational complexity of attribute name collision checks allows a denial of service when processing moderately sized crafted XML input.
Recommendations Update to version 2.8.1 or later.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:22715
ALSA-2026:22721
ALSA-2026:23230
BDU:2026-08066
CVE-2026-45186
ECHO-0089-929B-F00D
OESA-2026-2430
OESA-2026-2431
OESA-2026-2432
OESA-2026-2433
OESA-2026-2500
OPENSUSE-SU-2026:10787-1
RHSA-2026:22715
RHSA-2026:22721
RHSA-2026:23230

Affected Products

Rocky Linux
Libexpat