CVE-2026-25210

MEDIUM

6.9

Descripcion

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

Detalles CVE

Puntuacion CVSS v3.16.9

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

Vector de ataqueLOCAL

ComplejidadHIGH

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado1/30/2026

Ultima modificacion3/10/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

libexpat_project:libexpat

Debilidades (CWE)

CWE-190

Referencias

https://github.com/libexpat/libexpat/pull/1075(cve@mitre.org)

https://github.com/libexpat/libexpat/pull/1075/commits/9c2d990389e6abe2e44527eeaa8b39f16fe859c7(cve@mitre.org)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.