PT-2026-5383 · Libexpat+4 · Libexpat+4

Sebastian Pipping

·

Published

2026-01-30

·

Updated

2026-05-26

·

CVE-2026-25210

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.7.4
Description The doContent function in libexpat does not correctly calculate the buffer size bufSize when reallocating memory for tags, due to a missing integer overflow check. This can lead to potential issues with memory management.
Recommendations Update libexpat to version 2.7.4 or later.

Fix

DoS

Integer Overflow

Weakness Enumeration

CWE-190

Related Identifiers

AZL-75815
AZL-76340
BDU:2026-03635
CLEANSTART-2026-AF52025
CLEANSTART-2026-AG21538
CLEANSTART-2026-AX74442
CLEANSTART-2026-AY18527
CLEANSTART-2026-BW46578
CLEANSTART-2026-CH17958
CLEANSTART-2026-CL65461
CLEANSTART-2026-CN84623
CLEANSTART-2026-CO09549
CLEANSTART-2026-CP08056
CLEANSTART-2026-DB61851
CLEANSTART-2026-DJ93523
CLEANSTART-2026-DK70097
CLEANSTART-2026-DP35743
CLEANSTART-2026-DP59378
CLEANSTART-2026-EM10970
CLEANSTART-2026-EO57061
CLEANSTART-2026-FN44356
CLEANSTART-2026-GN22652
CLEANSTART-2026-GR41888
CLEANSTART-2026-GR86205
CLEANSTART-2026-GY48351
CLEANSTART-2026-HH39661
CLEANSTART-2026-HJ96712
CLEANSTART-2026-HL08143
CLEANSTART-2026-HM96194
CLEANSTART-2026-IB04141
CLEANSTART-2026-IJ23041
CLEANSTART-2026-IN87004
CLEANSTART-2026-IO64153
CLEANSTART-2026-JH41080
CLEANSTART-2026-JL41223
CLEANSTART-2026-JP09281
CLEANSTART-2026-KA21986
CLEANSTART-2026-KB11938
CLEANSTART-2026-KF75900
CLEANSTART-2026-KH40159
CLEANSTART-2026-KJ79497
CLEANSTART-2026-KW35511
CLEANSTART-2026-KX82113
CLEANSTART-2026-LB69194
CLEANSTART-2026-LF33811
CLEANSTART-2026-LQ42192
CLEANSTART-2026-NJ24264
CLEANSTART-2026-NN56899
CLEANSTART-2026-NV78596
CLEANSTART-2026-OH43332
CLEANSTART-2026-OV74385
CLEANSTART-2026-PD43534
CLEANSTART-2026-PH91954
CLEANSTART-2026-PK19530
CLEANSTART-2026-PO55014
CLEANSTART-2026-PV93827
CLEANSTART-2026-QM31011
CLEANSTART-2026-QP67751
CLEANSTART-2026-RO34407
CLEANSTART-2026-RO70091
CLEANSTART-2026-SZ14466
CLEANSTART-2026-TB28500
CLEANSTART-2026-TL29125
CLEANSTART-2026-TN71701
CLEANSTART-2026-UB19292
CLEANSTART-2026-UN47141
CLEANSTART-2026-UQ00642
CLEANSTART-2026-UV97144
CLEANSTART-2026-UZ82654
CVE-2026-25210
ECHO-D167-D9FF-F755
MGASA-2026-0031
OESA-2026-1295
OESA-2026-1296
OESA-2026-1297
OESA-2026-1298
OPENSUSE-SU-2026:10144-1
OPENSUSE-SU-2026:20306-1
SUSE-SU-2026:0386-1
SUSE-SU-2026:0646-1
SUSE-SU-2026:0647-1
SUSE-SU-2026:0826-1
SUSE-SU-2026:20350-1
SUSE-SU-2026:20481-1
SUSE-SU-2026:20627-1
SUSE-SU-2026:20642-1
USN-8022-1
USN-8022-2
USN-8023-1

Affected Products

Ibm Aix
Linuxmint
Red Os
Ubuntu
Libexpat