CVE-2026-25210

ADVISORY - nist

Summary

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-190⁠

Integer Overflow or Wraparound

Impacted images

Advisories

NIST

CREATED

5 hours ago

UPDATED

5 hours ago

ADVISORY IDCVE-2026-25210⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-190⁠

CVSS SCORE

6.9medium

Debian

CREATED

2 hours ago

UPDATED

2 hours ago

ADVISORY IDCVE-2026-25210⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY