PT-2026-4328 · Libexpat+4

Carnil +1 · Published 2026-01-01 · Updated 2026-05-26 · CVE-2026-24515

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: libexpat versions prior to 2.7.4

Description: The issue resides in the XML_ExternalEntityParserCreate function. It does not properly copy user data for unknown encoding handlers, potentially leading to memory corruption. Reports indicate a critical impact on Linux distributions and applications, with the possibility of Remote Code Execution (RCE). The issue is described as an XML External Entity (XXE) flaw.

Recommendations: Versions prior to 2.7.4 should be updated to version 2.7.4 or later.

Fix

RCE

DoS

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

AZL-75102
AZL-75216
BDU:2026-03634
CLEANSTART-2026-AF52025
CLEANSTART-2026-AG21538
CLEANSTART-2026-AX74442
CLEANSTART-2026-AY18527
CLEANSTART-2026-BW46578
CLEANSTART-2026-CH17958
CLEANSTART-2026-CL65461
CLEANSTART-2026-CN84623
CLEANSTART-2026-CO09549
CLEANSTART-2026-CP08056
CLEANSTART-2026-DB61851
CLEANSTART-2026-DJ93523
CLEANSTART-2026-DK70097
CLEANSTART-2026-DP35743
CLEANSTART-2026-DP59378
CLEANSTART-2026-EM10970
CLEANSTART-2026-EO57061
CLEANSTART-2026-FN44356
CLEANSTART-2026-GN22652
CLEANSTART-2026-GR41888
CLEANSTART-2026-GR86205
CLEANSTART-2026-GY48351
CLEANSTART-2026-HH39661
CLEANSTART-2026-HJ96712
CLEANSTART-2026-HL08143
CLEANSTART-2026-HM96194
CLEANSTART-2026-IB04141
CLEANSTART-2026-IJ23041
CLEANSTART-2026-IN87004
CLEANSTART-2026-IO64153
CLEANSTART-2026-JH41080
CLEANSTART-2026-JL41223
CLEANSTART-2026-JP09281
CLEANSTART-2026-KA21986
CLEANSTART-2026-KB11938
CLEANSTART-2026-KF75900
CLEANSTART-2026-KH40159
CLEANSTART-2026-KJ79497
CLEANSTART-2026-KW35511
CLEANSTART-2026-KX82113
CLEANSTART-2026-LB69194
CLEANSTART-2026-LF33811
CLEANSTART-2026-LQ42192
CLEANSTART-2026-NJ24264
CLEANSTART-2026-NN56899
CLEANSTART-2026-NV78596
CLEANSTART-2026-OH43332
CLEANSTART-2026-OV74385
CLEANSTART-2026-PD43534
CLEANSTART-2026-PH91954
CLEANSTART-2026-PK19530
CLEANSTART-2026-PO55014
CLEANSTART-2026-PV93827
CLEANSTART-2026-QM31011
CLEANSTART-2026-QP67751
CLEANSTART-2026-RO34407
CLEANSTART-2026-RO70091
CLEANSTART-2026-SZ14466
CLEANSTART-2026-TB28500
CLEANSTART-2026-TL29125
CLEANSTART-2026-TN71701
CLEANSTART-2026-UB19292
CLEANSTART-2026-UN47141
CLEANSTART-2026-UQ00642
CLEANSTART-2026-UV97144
CLEANSTART-2026-UZ82654
CVE-2026-24515
ECHO-CBF6-E20A-84E9
MGASA-2026-0031
OESA-2026-1272
OESA-2026-1273
OESA-2026-1274
OESA-2026-1297
OESA-2026-1299
OPENSUSE-SU-2026:10144-1
OPENSUSE-SU-2026:20306-1
SUSE-SU-2026:0386-1
SUSE-SU-2026:0646-1
SUSE-SU-2026:0647-1
SUSE-SU-2026:0826-1
SUSE-SU-2026:20350-1
SUSE-SU-2026:20481-1
SUSE-SU-2026:20627-1
SUSE-SU-2026:20642-1
USN-8022-1
USN-8022-2
USN-8023-1

Affected Products

IBM AIX
Linux Mint
RED OS
Ubuntu
libexpat