xmlsoft
Security Risk Profile
30
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 135 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from February 2, 2003 to present
135
Total CVEs
78
Critical+High
0
Exploited
15
Unpatched
Threat Assessment
Avg CVSS
7.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
15
Critical/High
Risk Level
30/100
low
Severity Distribution
Critical
21High
57Medium
53Low
3Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
11Age Distribution
Common Weaknesses (CWE)
1
Buffer Overflow
53
2
Use After Free
22
3
Input Validation
15
4
Integer Overflow
14
5
Null Pointer Dereference
12
Most Affected Products
1. XMLSoft Libxml2510
2. Xmlsoft Libxml2485
3. Google Chrome242
4. Apple iPhone OS223
5. Xmlsoft Libxslt190
Recent Vulnerabilities
See more →CVE-2026-6732
CVSS 7.5EPSS 0%high
Libxml2: libxml2: denial of service via crafted xsd-validated document
4/23/2026🔧 No Patch
CVE-2026-0989
CVSS 3.7EPSS 0%low
Libxml2: unbounded relaxng include recursion leading to stack overflow
1/15/2026🔧 No Patch
CVE-2025-9714
CVSS 6.2EPSS 0%medium
Stack overflow in libxml2
9/2/2025
CVE-2025-7424
CVSS 7.8EPSS 0%high
Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes
7/10/2025
CVE-2025-6170
CVSS 2.5EPSS 0%low
Libxml2: stack buffer overflow in xmllint interactive shell command handling
6/16/2025🔧 No Patch
CVE-2025-6021
CVSS 7.5EPSS 0%high
Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2
6/12/2025🔧 No Patch
CVE-2025-32415
CVSS 7.5EPSS 0%high
4/17/2025
CVE-2025-32414
CVSS 7.5EPSS 0%high
4/8/2025
REDHAT-BUG-2346421
CVSS 7.0high
2/18/2025🔧 No Patch
CVE-2024-56171
CVSS 9.8critical
2/18/2025
Monitor xmlsoft in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.