Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

libxml2 — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in libxml2, with AI-generated Chinese analysis, references, and POCs.

This page is a comprehensive aggregation of Common Weakness Enumerations associated with the libxml2 product developed by the GNOME Foundation. It compiles a detailed history of security flaws, ranging from memory corruption and buffer overflows to injection vulnerabilities, covering reported issues from 2002 through the present. Users can utilize this resource to track vendor advisories issued by the GNOME project, gain a deeper understanding of specific weakness classes affecting XML parsing libraries, and investigate the historical vulnerability landscape of this widely used software component. The data presented here is curated from official security channels, third-party databases, and public disclosures to provide a holistic view of the product's security posture over time. By examining these aggregated records, security professionals and developers can identify recurring patterns in code defects, assess the impact of past patches, and better understand the risks inherent in integrating libxml2 into their systems. This collection serves as a reference point for auditing the robustness of XML processing mechanisms and highlights the importance of maintaining up-to-date versions to mitigate known exposure points. The timeline reflects the continuous effort to address both newly discovered threats and legacy weaknesses that remain relevant in contemporary deployment scenarios.

Vendor: n/a

CVE IDTitleCVSSSeverityPublished
CVE-2026-11979 Stack-Based Buffer Overflow in libxml2 CWE-121--2026-06-29
CVE-2026-6653 libxml2: Use after free in xmlParseInternalSubset via improper entity resolution handling CWE-416--2026-06-22
CVE-2025-9714 Stack overflow in libxml2 CWE-674 6.2 Medium2025-09-10
CVE-2025-8732 libxml2 xmlcatalog xmlParseSGMLCatalog recursion CWE-674 3.3 Low2025-08-08
CVE-2025-7425 Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr CWE-416 7.8 High2025-07-10
CVE-2025-49795 Libxml: null pointer dereference leads to denial of service (dos) CWE-825 7.5 High2025-06-16
CVE-2025-32415 libxml2 安全漏洞 CWE-1284 2.9 Low2025-04-17
CVE-2025-32414 libxml2 安全漏洞 CWE-393 5.6 Medium2025-04-08
CVE-2025-27113 libxml2 安全漏洞 CWE-476 2.9 Low2025-02-18
CVE-2025-24928 libxml2 安全漏洞 CWE-121 7.8 High2025-02-18
CVE-2024-56171 libxml2 安全漏洞 CWE-416 7.8 High2025-02-18
CVE-2022-49043 libxml2 安全漏洞 CWE-416 8.1 High2025-01-26
CVE-2024-40896 libxml2 安全漏洞 CWE-611 7.5AIHighAI2024-12-23
CVE-2016-3709 libxml2 跨站脚本漏洞 CWE-79 6.1 -2022-07-28
CVE-2021-3541 libxml2 输入验证错误漏洞 7.5 -2021-07-09
CVE-2021-3516 libxml2 资源管理错误漏洞 CWE-416 7.8 -2021-06-01
CVE-2021-3517 libxml2 缓冲区错误漏洞 CWE-787 8.6 -2021-05-19
CVE-2021-3518 libxml2 资源管理错误漏洞 CWE-416 8.8 -2021-05-18
CVE-2021-3537 libxml2 代码问题漏洞 CWE-476 5.9 -2021-05-14
CVE-2016-9597 Libxml2 缓冲区错误漏洞 CWE-674 7.5 -2018-07-30

All 20 known CVE vulnerabilities affecting libxml2 with full Chinese analysis, references, and POCs where available.