CVE-2026-6732

· NIST NVD ↗

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.

MEDIUM
CVSS severity
6.5
CVSS base score
2026-04-23
Published

CWE codes

CWE-843

Affected products

xmlsoft:libxml2redhat:hardened_imagesredhat:jboss_core_servicesredhat:openshift_container_platformredhat:enterprise_linux

Sources