All 8 CVE vulnerabilities found in xmldom, with AI-generated Chinese analysis, references, and POCs.
Vendor: xmldom
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41675 | xmldom: XML node injection through unvalidated processing instruction serialization CWE-91 | 10.0AI | CriticalAI | 2026-05-07 |
| CVE-2026-41674 | xmldom: XML injection through unvalidated DocumentType serialization CWE-91 | 7.5AI | HighAI | 2026-05-07 |
| CVE-2026-41673 | xmldom: Denial of service via uncontrolled recursion in XML serialization CWE-674 | 7.5AI | HighAI | 2026-05-07 |
| CVE-2026-41672 | xmldom: XML node injection through unvalidated comment serialization CWE-91 | 10.0AI | CriticalAI | 2026-05-07 |
| CVE-2026-34601 | xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion CWE-91 | 7.5 | High | 2026-04-02 |
| CVE-2022-39353 | xmldom allows multiple root nodes in a DOM CWE-20 | 9.4 | Critical | 2022-11-02 |
| CVE-2021-32796 | Misinterpretation of malicious XML input in xmldom CWE-116 | 6.5 | Medium | 2021-07-27 |
| CVE-2021-21366 | Misinterpretation of malicious XML input CWE-436 | 4.3 | Medium | 2021-03-12 |
All 8 known CVE vulnerabilities affecting xmldom with full Chinese analysis, references, and POCs where available.