Browse all 8 CVE security advisories affecting the libexpat project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The libexpat project provides a stream-oriented XML parser library widely used for parsing XML data in applications and systems. Historically, it has been susceptible to remote code execution vulnerabilities through buffer overflows and integer overflows in XML parsing functions, as well as denial-of-service conditions via crafted XML inputs. Cross-site scripting vulnerabilities have also been identified in applications using the library. While no major security incidents have been widely documented, the 8 CVEs on record highlight consistent exposure to memory corruption flaws. The library's C implementation and widespread integration into critical infrastructure make it a persistent target for exploitation, particularly through malformed XML payloads targeting parser logic.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41080 | libexpat security vulnerability — libexpat, CWE-331 | 2.9 | Low | 2026-04-16 |
| CVE-2026-32778 | libexpat code issue vulnerability — libexpat, CWE-476 | 2.9 | Low | 2026-03-16 |
| CVE-2026-32777 | libexpat security vulnerability — libexpat, CWE-835 | 4.0 | Medium | 2026-03-16 |
| CVE-2026-32776 | libexpat code issue vulnerability — libexpat, CWE-476 | 4.0 | Medium | 2026-03-16 |
| CVE-2026-25210 | libexpat input validation error vulnerability — libexpat, CWE-190 | 6.9 | Medium | 2026-01-30 |
| CVE-2026-24515 | libexpat code issue vulnerability — libexpat, CWE-476 | 2.9 | Low | 2026-01-23 |
| CVE-2025-66382 | libexpat security vulnerability — libexpat, CWE-407 | 2.9 | Low | 2025-11-28 |
| CVE-2025-59375 | Expat security vulnerability — libexpat, CWE-770 | 7.5 | High | 2025-09-15 |
This page lists every published CVE security advisory associated with the libexpat project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.