CyberSec.Space Logo
Back to CVE Browser

CVE-2025-49796

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.1890%
EPSS Percentile23.40th
PublishedJun 16, 2025
Last ModifiedJun 2, 2026

Vulnerability Description

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

πŸ”— https://access.redhat.com/errata/RHSA-2025:10630
πŸ”— https://access.redhat.com/errata/RHSA-2025:10698
πŸ”— https://access.redhat.com/errata/RHSA-2025:10699
πŸ”— https://access.redhat.com/errata/RHSA-2025:11580
πŸ”— https://access.redhat.com/errata/RHSA-2025:12098
πŸ”— https://access.redhat.com/errata/RHSA-2025:12099
πŸ”— https://access.redhat.com/errata/RHSA-2025:12199
πŸ”— https://access.redhat.com/errata/RHSA-2025:12237

Related Vulnerabilities

CVE-2025-437810.0

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile ...

CVE-2025-428510.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technol...

CVE-2025-524310.0

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command In...

CVE-2025-958810.0

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archivin...