Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-6653

Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via maliciously crafted XML input with improper entity resolution handling.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-6653
  • Xmlsoft » Libxml2 » Version: 2.10.0
    cpe:2.3:a:xmlsoft:libxml2:2.10.0
  • Xmlsoft » Libxml2 » Version: 2.10.1
    cpe:2.3:a:xmlsoft:libxml2:2.10.1
  • Xmlsoft » Libxml2 » Version: 2.10.2
    cpe:2.3:a:xmlsoft:libxml2:2.10.2
  • Xmlsoft » Libxml2 » Version: 2.10.3
    cpe:2.3:a:xmlsoft:libxml2:2.10.3
  • Xmlsoft » Libxml2 » Version: 2.10.4
    cpe:2.3:a:xmlsoft:libxml2:2.10.4
  • Xmlsoft » Libxml2 » Version: 2.11.0
    cpe:2.3:a:xmlsoft:libxml2:2.11.0
  • Xmlsoft » Libxml2 » Version: 2.9.11
    cpe:2.3:a:xmlsoft:libxml2:2.9.11
  • Xmlsoft » Libxml2 » Version: 2.9.12
    cpe:2.3:a:xmlsoft:libxml2:2.9.12
  • Xmlsoft » Libxml2 » Version: 2.9.13
    cpe:2.3:a:xmlsoft:libxml2:2.9.13
  • Xmlsoft » Libxml2 » Version: 2.9.14
    cpe:2.3:a:xmlsoft:libxml2:2.9.14


Contact Us

Shodan ® - All rights reserved