Use After Free in Gnome Libxml2
CVE-2026-6653
Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via maliciously crafted XML input with improper entity resolution handling.
Vulnerability class: Use-After-Free
Affected products
- Gnome Libxml2 — versions 2.9.11
Weakness classification (CWE)
References
- security@ubuntu.com (issue-tracking)
- security@ubuntu.com (issue-tracking)