CVE-2026-34401 | Microsoft XmlNotepad prior 2.9.0.21 HTTP/SMB xml external entity reference (GHSA-5j32-486h-42ch)

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability was found in Microsoft XmlNotepad. It has been declared as problematic. Affected is an unknown function of the component HTTP/SMB. Such manipulation leads to xml external entity reference.

This vulnerability is traded as CVE-2026-34401. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-34401 | Microsoft XmlNotepad prior 2.9.0.21 HTTP/SMB xml external entity reference (GHSA-5j32-486h-42ch)

Post correlati

CVE-2025-21674 | Linux Kernel up to 6.6.73/6.12.10 _bh denial of service

CVE-2024-12045 | Essential Blocks Plugin up to 5.0.9 on WordPress cross site scripting

CVE-2024-37092 | StylemixThemes Consulting Elementor Widgets Plugin up to 1.3.0 on WordPress path traversal

CVE-2025-39887 | Linux Kernel up to 6.16.7/6.17-rc5 bitmap_parselist null pointer dereference