Description
libexpat before 2.8.2 has an integer overflow in storeAtts.
Published: 2026-06-21
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is an integer overflow occurring in the storeAtts function within the libexpat XML parsing library. The overflow can cause incorrect calculation of internal buffer sizes, leading to potential memory corruption or abrupt termination of the parsing process. As a result, applications using the affected library may crash, suffer loss of availability, or, in a worst‑case scenario, lose data integrity. The weakness is identified as CWE‑190. The description does not explicitly confirm arbitrary code execution, so any such outcome would be speculative.

Affected Systems

The affected product is libexpat, the XML parsing library from the libexpat project. Versions prior to 2.8.2 are impacted, as the description lists 2.8.2 as the first unaffected release. Any software that links against libexpat by version 2.8.1 or older on systems where XML input is parsed is potentially vulnerable.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate overall risk. Because the EPSS score is not available, the current exploitation probability cannot be quantified. The vulnerability is not listed in the CISA KEV catalog, implying that no publicly documented exploit is known. The likely attack vector, inferred from the nature of the flaw, is through crafted XML input delivered to any service or application that parses XML with libexpat. An attacker who supplies maliciously constructed attribute data could trigger the overflow during parsing, potentially causing a crash or memory corruption. The impact is predominantly denial of service and memory corruption; any code‑execution possibility is not proven in the description.

Generated by OpenCVE AI on June 21, 2026 at 17:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update libexpat to version 2.8.2 or later from the libexpat project maintainers.
  • Ensure that all applications using libexpat are rebuilt or configured to link against the updated library, eliminating older vulnerable versions.
  • If an immediate update is not feasible, restrict XML parsing to only trusted sources or disable attribute handling until the library can be upgraded, thereby reducing exposure to malformed input that might trigger the overflow.

Generated by OpenCVE AI on June 21, 2026 at 17:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 23 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Title Integer Overflow in libexpat XML Parsing Library libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts
References
Metrics threat_severity

None

threat_severity

Moderate


Mon, 22 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sun, 21 Jun 2026 18:15:00 +0000

Type Values Removed Values Added
Title Integer Overflow in libexpat XML Parsing Library

Sun, 21 Jun 2026 16:00:00 +0000

Type Values Removed Values Added
Description libexpat before 2.8.2 has an integer overflow in storeAtts.
First Time appeared Libexpat Project
Libexpat Project libexpat
Weaknesses CWE-190
CPEs cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
Vendors & Products Libexpat Project
Libexpat Project libexpat
References
Metrics cvssV3_1

{'score': 6.9, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L'}


Subscriptions

Libexpat Project Libexpat
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-22T17:05:39.258Z

Reserved: 2026-06-21T15:43:55.436Z

Link: CVE-2026-56403

cve-icon Vulnrichment

Updated: 2026-06-22T17:05:36.134Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-21T15:43:55Z

Links: CVE-2026-56403 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-21T18:45:05Z

Weaknesses
  • CWE-190

    Integer Overflow or Wraparound