Description
libexpat before 2.8.2 has an integer overflow in getAttributeId.
Published: 2026-06-21
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

libexpat before version 2.8.2 contains an integer overflow in the getAttributeId function, which can corrupt memory when parsing malformed XML input. The overflow may result in a crash or denial of service; while the CVE description does not indicate remote code execution, the corruption could be leveraged by a local attacker to destabilize services.

Affected Systems

The vulnerability affects all releases of the libexpat project's libexpat library prior to 2.8.2. Any system using a pre-2.8.2 build of this library is at risk.

Risk and Exploitability

With a CVSS score of 6.9, the risk is moderate. The EPSS score is not provided and the issue is not listed in the CISA KEV catalog, indicating no known active exploitation at the time of assessment. Attackers would need to supply crafted XML data to trigger the overflow, typically through local or elevated code that parses XML files. The impact is primarily denial of service unless coupled with additional vulnerabilities.

Generated by OpenCVE AI on June 21, 2026 at 17:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update libexpat to version 2.8.2 or later, which resolves the integer overflow
  • Restart any services that use libexpat after upgrading to ensure the new library is loaded
  • As a temporary measure, validate or limit XML input length or structure to reduce the likelihood of triggering the overflow until the update can be applied



Advisories

No advisories yet.

History

Sun, 21 Jun 2026 17:45:00 +0000

Type  | Values Removed | Values Added
Title |                | Integer Overflow in libexpat getAttributeId before 2.8.2

Sun, 21 Jun 2026 16:00:00 +0000

Type                | Values Removed | Values Added
Description         |                | libexpat before 2.8.2 has an integer overflow in getAttributeId.
First Time appeared |                | Libexpat Project; Libexpat Project libexpat
Weaknesses          |                | CWE-190
CPEs                |                | cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
Vendors & Products  |                | Libexpat Project; Libexpat Project libexpat
References          |                |
Metrics             |                | cvssV3_1 {'score': 6.9, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L'}


Subscriptions

Libexpat Project Libexpat
MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-21T15:47:13.343Z

Reserved: 2026-06-21T15:47:12.947Z

Link: CVE-2026-56405

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-21T17:30:16Z

Weaknesses
  • CWE-190

    Integer Overflow or Wraparound