CVE-2026-40042 | Pachno 1.0.6 XML Parser simplexml_load_string file descriptor (ZSL-2026-5984)

Inserito da Angelo Barbosa | Apr 13, 2026 | CVE

A vulnerability classified as critical was found in Pachno 1.0.6. The impacted element is the function simplexml_load_string of the component XML Parser. The manipulation results in exposure of file descriptor to unintended control sphere (‘file descriptor leak’).

This vulnerability is known as CVE-2026-40042. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-40042 | Pachno 1.0.6 XML Parser simplexml_load_string file descriptor (ZSL-2026-5984)

Post correlati

CVE-2022-32506 | Nuki Bridge up to 1.21.x/2.12.3/2.13.1/3.3.4 SWD Debug Local Privilege Escalation

CVE-2024-10877 | AFI Plugin up to 1.92.0 on WordPress cross site scripting

CVE-2024-25850 | Netis WF2780 2.1.40144 wps_ap_ssid5g command injection

CVE-2025-10851 | Campcodes Gym Management System 1.0 /ajax.php?action=login Username sql injection