Buffer overflow in Xmlsoft Libxml2
CVE-2026-11979
libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function processes user input using fixed-size stack buffers without proper bounds checking. By supplyin…
Vulnerability class: Buffer Overflow
Affected products
- Xmlsoft Libxml2 — versions 0
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (patch)