CVE-2026-25210

MEDIUM

6.9CVSS v3

—CVSS v2

0.01% EPSS (exploit probability)

CWE-190CWE

Description

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

CVSS v3 vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE