CVE-2026-25210: CVSS 3.1 base score 7.8 (HIGH), EPSS 0.01%
Description
In libexpat before 2.7.4, the doContent function does not correctly compute the tag buffer size (bufSize) because the tag buffer reallocation path has no integer overflow check.
How to fix CVE-2026-25210
To remediate CVE-2026-25210, upgrade the affected package to one of the fixed versions listed below.
- Alpine/expat: upgrade to 2.7.4-r0 or later
- Debian/expat: no fix listed
Is CVE-2026-25210 being exploited?
Low: EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- Alpine/expat: from 0, < 2.7.4-r0
- Debian/expat: from 0 (no fixed version listed)
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH (7.8) | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |