Description
lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML input to read local files. Setting the resolve_entities option explicitly to resolve_entities='internal' or resolve_entities=False disables the local file access. This vulnerability is fixed in 6.1.0.
Published: 2026-04-24
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Local File Disclosure via XXE
Action: Patch
AI Analysis

Impact

lxml, a Python library for XML and HTML processing, has a default configuration that sets the resolve_entities flag to True. This causes the XML parser to expand external entities, allowing untrusted XML input to read arbitrary local files. The weakness is a classic XML External Entity (XXE) flaw, classified as CWE-611, and can lead to sensitive data exposure. The vulnerability is triggered when an attacker supplies crafted XML to the iterparse() or ETCompatXMLParser() APIs.

Affected Systems

Any system that uses the lxml library in a version prior to 6.1.0 is affected. The lack of explicit version constraints in the data implies that all releases before 6.1.0 are vulnerable. The issue applies to both iterparse() and ETCompatXMLParser() functions within the lxml package.

Risk and Exploitability

The CVSS score for this vulnerability is 7.5, indicating a high severity. The EPSS score is reported as less than 1%, implying a very low probability of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is the injection of untrusted XML documents into any feature of a Python application that relies on the default lxml configuration. If an attacker can supply such XML, they could read sensitive files from the host system, compromising confidentiality.

Generated by OpenCVE AI on April 28, 2026 at 06:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the lxml library to version 6.1.0 or newer, which disables the default entity expansion.
  • If an immediate update is not feasible, reconfigure the parser by setting resolve_entities to 'internal' or False before parsing to block external entity processing.
  • Audit code to locate all uses of iterparse() and ETCompatXMLParser(), ensuring that the resolve_entities setting is explicitly disabled in each instance.

Generated by OpenCVE AI on April 28, 2026 at 06:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-vfmq-68hx-4jfw lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files
History

Wed, 29 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Moderate

Mon, 27 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Lxml
Lxml lxml
CPEs cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*
Vendors & Products Lxml
Lxml lxml

Fri, 24 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 24 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Description lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML input to read local files. Setting the resolve_entities option explicitly to resolve_entities='internal' or resolve_entities=False disables the local file access. This vulnerability is fixed in 6.1.0.
Title lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files
Weaknesses CWE-611
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Lxml Lxml
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-24T18:04:04.548Z

Reserved: 2026-04-16T16:43:03.174Z

Link: CVE-2026-41066

cve-icon Vulnrichment

Updated: 2026-04-24T18:03:45.409Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-24T17:16:20.933

Modified: 2026-04-27T17:59:05.297

Link: CVE-2026-41066

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-24T16:45:19Z

Links: CVE-2026-41066 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T06:15:24Z

Weaknesses