Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.9 CVE-2026-56412

CVE-2026-56412_CVE-2026-56412

libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from with...

libexpat project libexpat CVE
MEDIUM 6.9 CVE-2026-56411

CVE-2026-56411_CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations.

libexpat project libexpat CVE
MEDIUM 6.8 2065E713-A0BE-

Exploit for CVE-2025-13407_2065E713-A0BE-5D45-B1FE-2006FD5C452F

CVE-2025-13407 GravityForms 2.9.23.1 - Unauthenticated Arbitrary File Upload TELEGRAM GROUP ADRESS: https://t.me/toolsandpoc...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.9 CVE-2026-56410

CVE-2026-56410_CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId.

libexpat project libexpat CVE
MEDIUM 6.5 CVE-2026-56409

CVE-2026-56409_CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used.

libexpat project libexpat CVE
MEDIUM 6.9 CVE-2026-56408

CVE-2026-56408_CVE-2026-56408

libexpat before 2.8.2 has an integer overflow in copyString.

libexpat project libexpat CVE
MEDIUM 6.9 CVE-2026-56407

CVE-2026-56407_CVE-2026-56407

libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.

libexpat project libexpat CVE
MEDIUM 6.9 CVE-2026-56406

CVE-2026-56406_CVE-2026-56406

libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.

libexpat project libexpat CVE
MEDIUM 6.9 CVE-2026-56405

CVE-2026-56405_CVE-2026-56405

libexpat before 2.8.2 has an integer overflow in getAttributeId.

libexpat project libexpat CVE
MEDIUM 6.9 CVE-2026-56404

CVE-2026-56404_CVE-2026-56404

libexpat before 2.8.2 has an integer overflow in addBinding.

libexpat project libexpat CVE