CVE Catalog

CVE-2026-56412

MediumCVSS 4.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

1th percentile — higher than 1% of all known CVEs

Summary

In libexpat before version 2.8.2, XML_TOK_DATA_CHARS is not considered in doCdataSection, leading to a lack of handler call depth tracking in cases of policy violation. This can result in a use-after-free error.

Risk Assessment

Organizations may be vulnerable to attacks exploiting this flaw, potentially leading to unauthorized memory access and data leaks.

Recommendation

It is recommended to update the libexpat library to version 2.8.2 or later to mitigate this vulnerability.

Original NVD description (English source)

libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS