CVE-2026-56132 - CERT CVE

  1. CVE-2026-56132

ID CVE-2026-56132
Sažetak In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.
Reference
CVSS
Base: 6.9
Impact: 5.5
Exploitability:1.4
Pristup
VektorSloženostAutentikacija
LOCAL HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH LOW
CVSS vektor CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Zadnje važnije ažuriranje 19-06-2026 - 06:17
Objavljeno 19-06-2026 - 06:17