CVE-2026-56408 - Vulnerability Details

Description

libexpat before 2.8.2 has an integer overflow in copyString.

Published: 2026-06-21

Score: 6.9 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

libexpat versions prior to 2.8.2 contain an integer overflow in the copyString routine. The overflow can corrupt adjacent memory, potentially enabling arbitrary code execution or causing a crash if the affected application runs with elevated privileges.

Affected Systems

The vulnerability affects the libexpat project’s libexpat library in all releases before 2.8.2. Any system or application that links against this older library is at risk.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate severity. No EPSS data is available, and the issue is not listed in the CISA KEV catalog. Attackers would need to supply a specially crafted input that triggers the overflow, so the attack vector is inferred as local or potentially remote if the library processes untrusted input from network or otherwise. The vulnerability can be exploited by an attacker who can influence the input to copyString.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

libexpat project

libexpat

unaffected

Version	Status	Constraints
`0`	affected	< 2.8.2

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update libexpat to version 2.8.2 or later, which includes the fix for the copyString integer overflow.
Rebuild any applications or embedded systems that link against libexpat to ensure the updated library is used at runtime.
If an immediate upgrade is not possible, avoid processing large or untrusted inputs with copyString, monitor for abnormal memory behavior, and consider applying memory‑safety tools such as AddressSanitizer to detect potential overflows.

Generated by OpenCVE AI on June 21, 2026 at 17:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/libexpat/libexpat/commit/16e2efd867ea8567ffa012210b52ef5918e20817

History

Sun, 21 Jun 2026 17:45:00 +0000

Type	Values Removed	Values Added
Title		Integer Overflow in libexpat copyString Function

Sun, 21 Jun 2026 16:00:00 +0000

Type	Values Removed	Values Added
Description		libexpat before 2.8.2 has an integer overflow in copyString.
First Time appeared		Libexpat Project Libexpat Project libexpat
Weaknesses		CWE-190
CPEs		cpe:2.3:a:libexpat_project:libexpat::::::::
Vendors & Products		Libexpat Project Libexpat Project libexpat
References		https://github.com/libexpat/libexpat/commit/16e2efd867ea8567ffa012210b52ef5918e20817
Metrics		cvssV3_1 `{'score': 6.9, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L'}`

Subscriptions

Libexpat Project Libexpat

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-06-21T15:51:11.303Z

Updated: 2026-06-21T15:51:11.303Z

Reserved: 2026-06-21T15:51:10.930Z

Link: CVE-2026-56408

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-21T17:30:16Z

Weaknesses

CWE-190
Integer Overflow or Wraparound

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object