CVE-2026-7210 | Python CPython up to 3.14.x XML xml.parsers.Expat/xml.etree.ElementTree entropy (ID 149018)

Inserito da Angelo Barbosa | Mag 11, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Python CPython up to 3.14.x. The impacted element is the function xml.parsers.Expat/xml.etree.ElementTree of the component XML Handler. The manipulation leads to insufficient entropy.

This vulnerability is traded as CVE-2026-7210. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-7210 | Python CPython up to 3.14.x XML xml.parsers.Expat/xml.etree.ElementTree entropy (ID 149018)

Post correlati

CVE-2024-31036 | NanoMQ 0.21.7 Hexstreams read_byte heap-based overflow (Issue 1722)

CVE-2026-33125 | blakeblackshear frigate up to 0.16.2 improper authorization

CVE-2024-49408 | Samsung Mobile Devices out-of-bounds write

CVE-2025-9569 | Sunnet eHRD CTMS cross site scripting