Browse all 3 CVE security advisories affecting lxml. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41066 | lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files — lxmlCWE-611 | 7.5 | High | 2026-04-24 |
| CVE-2022-2309 | NULL Pointer Dereference in lxml/lxml — lxml/lxmlCWE-476 | 7.5 | - | 2022-07-05 |
| CVE-2021-43818 | HTML Cleaner allows crafted and SVG embedded scripts to pass through — lxmlCWE-74 | 8.2 | High | 2021-12-13 |
This page lists every published CVE security advisory associated with lxml. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.