It was discovered that Expat incorrectly handled memory when parsing certain XML files. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 25.10. (CVE-2025-59375) It was discovered that Expat incorrectly handled the initialization of parsers for external entities. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-24515) It was discovered that Expat incorrectly handled integer calculations when allocating memory for XML tags. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-25210)
Continue reading...
Continue reading...
