CVE-2026-24515 | libexpat up to 2.7.3 XML_ExternalEntityParserCreate null pointer dereference

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability was found in libexpat up to 2.7.3 and classified as problematic. Affected is the function XML_ExternalEntityParserCreate. The manipulation results in null pointer dereference.

This vulnerability was named CVE-2026-24515. The attack needs to be approached locally. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-24515 | libexpat up to 2.7.3 XML_ExternalEntityParserCreate null pointer dereference

Post correlati

CVE-2024-58135 | SRI Mojolicious up to 9.39 on Perl HMAC Session Secrets rand weak prng

CVE-2024-29885 | Stimulsoft Reports up to 5.2.2 canView access control

CVE-2024-46818 | Linux Kernel up to 6.10.8 AMD Display gpio_id array index

CVE-2024-47541 | GStreamer up to 1.24.9 gstssaparse.c memmove out-of-bounds write (GHSL-2024-228)