xmlsoft
OSS Librariesoss-project
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting xmlsoft.
- CVE-2026-11979Stack-Based Buffer Overflow in libxml27.8
- CVE-2026-6732Libxml2: libxml2: denial of service via crafted xsd-validated document6.5
- CVE-2026-0992Libxml2: libxml2: denial of service via crafted xml catalogs2.9
- CVE-2026-0989Libxml2: unbounded relaxng include recursion leading to stack overflow3.7
- CVE-2026-0990Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing5.9
- CVE-2025-9714Stack overflow in libxml26.2
- CVE-2025-7424Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes7.5
- CVE-2025-6170Libxml2: stack buffer overflow in xmllint interactive shell command handling2.5
- CVE-2025-6021Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml27.5
- CVE-2025-32415In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against a...2.9
- CVE-2025-32414In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead a...5.6
- CVE-2025-24855numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, ...7.8
- CVE-2024-55549xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.7.8
- CVE-2025-27113libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.2.9
- CVE-2025-24928libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untruste...7.8