CVE-2026-45771 | signalwire FreeSWITCH up to 1.10.x XML Parser xml entity expansion (GHSA-5vjg-pv56-vg4c)

Inserito da Angelo Barbosa | Giu 9, 2026 | CVE

A vulnerability was found in signalwire FreeSWITCH up to 1.10.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component XML Parser. Executing a manipulation can lead to xml entity expansion.

This vulnerability is handled as CVE-2026-45771. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-45771 | signalwire FreeSWITCH up to 1.10.x XML Parser xml entity expansion (GHSA-5vjg-pv56-vg4c)

Post correlati

CVE-2026-48800 | Notepad++ up to 8.9.6 NppXml::value Parameters.cpp UserCommand os command injection (GHSA-3x3f-3j39-pj3v)

CVE-2024-10470 | WPLMS Learning Management System Plugin up to 4.962 on WordPress File path traversal

CVE-2026-2312 | Media Library Folders Plugin up to 8.3.6 on WordPress Attachment delete_maxgalleria_media resource injection

CVE-2025-5410 | Mist Community Edition up to 4.7.1 middleware.py session_start_response cross-site request forgery