Ghostwire

CVE-2026-56412: libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking...

MEDIUM CVSS 4.9 Exploit Available

Published: June 21, 2026 | Last Modified: June 21, 2026

Description

libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219.

Ghostwire Analysis — What This Means Practically

Medium CVSS score indicates moderate risk — exploitation requires specific conditions or results in limited impact.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References

github.com/libexpat/libexpat/pull/1278
www.tenable.com/cve/CVE-2026-56412
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-56412