Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how expat compares to other vendors in security performance

View Risk Score →

Expat libexpatUse After Free

Risk 42
Severity
5.9
First published (updated )
CVE-2026-50219

oss-seclibexpat 2.8.1 fixes CVE-2026-45186 (denial of service)

First published (updated )
https://seclists.org/oss-sec/2026/q2/486

Python Software Foundation CPythonThe expat and elementtree parsers use insufficient entropy for XML hash-flooding protection

Risk 62
Severity
6.3
EPSS
0.06%
First published (updated )
CVE-2026-7210

Expat libexpatIn libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a d…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2468575

Expat libexpatlibexpat 2.8.1 fixes CVE-2026-45186 (denial of service)

Risk 46
Severity
7.5
First published (updated )
CVE-2026-45186
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

oss-seclibexpat 2.8.0 fixes CVE-2026-41080 (insufficient entropy)

First published (updated )
https://seclists.org/oss-sec/2026/q2/218

Libexpat Project Libexpatlibexpat 2.8.0 fixes CVE-2026-41080 (insufficient entropy)

Risk 46
Severity
7.5
First published (updated )
CVE-2026-41080

oss-seclibexpat 2.7.5 fixes the vulnerabilities (2x null def, 1x infinite loop)

First published (updated )
https://seclists.org/oss-sec/2026/q1/331

Expat ExpatWhen an Expat parser with a registered ElementDeclHandler parses an inline document type definition …

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2448181

expat looking for help with another unfixed non-public denial-of-service vulnerability [CVE-2025-66382]

First published (updated )
https://seclists.org/oss-sec/2025/q4/224
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Expat libexpatlibexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a sm…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2395108

F5 BIG-IPlibexpat 2.7.2 fixes CVE-2025-59375 (DoS, CWE-770)

Risk 48
Severity
7.5
First published (updated )
CVE-2025-59375

expat vulnerability CVE-2024-8176 / impact of cursion stack overflow vulnerabilities

First published (updated )
https://seclists.org/oss-sec/2025/q1/224

expat vulnerability CVE-2024-8176 / impact of cursion stack overflow vulnerabilities

First published (updated )
https://seclists.org/oss-sec/2025/q1/223

[CVE-2024-8176] Long linear chains of entities crash Expat with stack overflow due to use of unlimited cursion

First published (updated )
https://seclists.org/oss-sec/2025/q1/221
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Expat libexpatAn issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser funct…

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-2321987

Apple iPadOSLibexpat: expat: improper restriction of xml entity expansion depth in libexpat

Risk 48
Severity
7.5
First published (updated )
CVE-2024-8176

Expat libexpatThe libexpat library is vulnerable to a stack overflow due to uncontrolled recursion when processing…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2310137

Expat libexpatAn issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for X…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2308615

Expat libexpatInteger Overflow

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2308616
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Expat 2.6.2 released, includes security fixes

First published (updated )
https://seclists.org/oss-sec/2024/q1/231

Expat ExpatExpat vulnerability

Risk 23
First published (updated )
Advisory
USN-4132-2

Expat ExpatExpat vulnerability

Risk 23
First published (updated )
Advisory
USN-4132-1

Expat ExpatExpat vulnerability

Risk 23
First published (updated )
Advisory
USN-4040-2

Expat ExpatIt was found that original patch for issues CVE-2015-1283 and CVE-2015-2716 used overflow checks tha…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-1344251
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Expat ExpatBuffer Overflow

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-1296102

Expat ExpatExpat vulnerability

Risk 23
First published (updated )
Advisory
USN-2726-1

Gnome libxml2As reported on oss-security [1]: So here are the CVE's for the two big ones, libxml2 and expat. Bot…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-1000109

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203