CVE-2026-49472 | signalwire FreeSWITCH up to 1.10.x xmltok_impl.c escape output (GHSA-4jm3-xpcm-mwwq)

Inserito da Angelo Barbosa | Giu 9, 2026 | CVE

A vulnerability categorized as problematic has been discovered in signalwire FreeSWITCH up to 1.10.x. This affects an unknown part in the library libs/xmlrpc-c/lib/expat/xmltok/xmltok_impl.c. The manipulation results in escaping of output.

This vulnerability was named CVE-2026-49472. The attack may be performed from remote. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-49472 | signalwire FreeSWITCH up to 1.10.x xmltok_impl.c escape output (GHSA-4jm3-xpcm-mwwq)

Post correlati

CVE-2024-33213 | Tenda FH1206 1.2.0.8(8155)_EN ip/goform/RouteStatic mitInterface stack-based overflow

CVE-2023-33072 | Qualcomm 4 Gen 1 Mobile Platform memory corruption

CVE-2024-27931 | denoland deno up to 1.41.0 Deno.makeTemp input validation (GHSA-hrqr-jv8w-v9jh)

CVE-2024-55997 | Web Chunky Order Delivery & Pickup Location Date Time Plugin up to 1.1.0 on WordPress authorization