CVE-2026-32778

ADVISORY - nist

Summary

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.

EPSS Score⁠: 0.00012 (0.015)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-476⁠

NULL Pointer Dereference

ADVISORY - redhat

CWE-476⁠

NULL Pointer Dereference

Impacted images

Advisories

NIST

CREATED

5 days ago

UPDATED

4 days ago

ADVISORY IDCVE-2026-32778⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-476⁠

CVSS SCORE

2.9low

Alpine

CREATED

3 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-32778⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

4 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-32778⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

4 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-32778⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.5medium

Red Hat

CREATED

5 days ago

UPDATED

4 days ago

ADVISORY IDCVE-2026-32778⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-476⁠

CVSS SCORE

5.1medium