Browse all 8 CVE security advisories affecting xmlsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xmlsoft develops the libxml2 library, a widely used toolkit for parsing XML and HTML documents. Historically, vulnerabilities in this software have frequently involved remote code execution, denial-of-service conditions, and information disclosure due to memory corruption flaws in parsing functions. The library's position in the software supply chain means its vulnerabilities can impact numerous applications. While no major public incidents have been specifically attributed to xmlsoft, its inclusion in critical infrastructure necessitates careful patch management. The eight recorded CVEs highlight ongoing security challenges in handling malformed input, emphasizing the need for robust input validation and secure coding practices when integrating this library.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-24855 | Libxslt resource management error vulnerability — libxslt (CWE-416) | 7.8 | High | 2025-03-14 |
| CVE-2024-55549 | Libxslt resource management error vulnerability — libxslt (CWE-416) | 7.8 | High | 2025-03-14 |
This page lists every published CVE security advisory associated with xmlsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.