CVE-2026-1757

ADVISORY - nist

Summary

A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.

EPSS Score: 0.00194 (0.093)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Missing Release of Memory after Effective Lifetime

ADVISORY - redhat

Missing Release of Memory after Effective Lifetime


Debian

CREATED

UPDATED

ADVISORY IDCVE-2026-1757
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow
PackageTypeOS NameOS VersionAffected RangesFix Versions
debian/libxml2debdebianunstable<2.15.2+dfsg-0.12.15.2+dfsg-0.1
debian/libxml2debdebian12<2.9.14+dfsg-1.3~deb12u62.9.14+dfsg-1.3~deb12u6
debian/libxml2debdebian11<2.9.10+dfsg-6.7+deb11u102.9.10+dfsg-6.7+deb11u10
debian/libxml2debdebian14<2.15.2+dfsg-0.12.15.2+dfsg-0.1
debian/libxml2debdebian13<2.12.7+dfsg+really2.9.14-2.1+deb13u32.12.7+dfsg+really2.9.14-2.1+deb13u3

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

UPDATED

ADVISORY IDCVE-2026-1757
EXPLOITABILITY SCORE

2.5

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.2medium

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2026-1757
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Amazon

CREATED

UPDATED

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Amazon

CREATED

UPDATED

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2026-1757
EXPLOITABILITY SCORE

2.5

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.2medium

Photon

CREATED

UPDATED

ADVISORY ID

CVE-2026-1757

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.2medium