CVE-2026-32778 MEDIUM

Published: 2026-03-16 | Last Modified: 2026-03-17 | Status: Analyzed

Description

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.

Additional Descriptions (1)

libexpat antes de 2.7.5 permite una desreferenciación de puntero NULL en la función setContext al reintentar después de una condición previa de falta de memoria.

CVSS Metrics

Base Score: 5.5 (MEDIUM)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector	LOCAL
Attack Complexity	LOW
Privileges Required	LOW
User Interaction	NONE
Scope	UNCHANGED
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	HIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 3.6

Weaknesses

Source	Type	Description
[email protected]	Primary	en CWE-476

Affected Products

Vendor	Product	Version	Update	Type
libexpat_project	libexpat	*	<built-in method update of dict object at 0x7b06e8425a40>	Application

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:libexpat_project:libexpat::::::::`

References

https://github.com/libexpat/libexpat/pull/1159
Source: [email protected]

Issue Tracking Patch
https://github.com/libexpat/libexpat/pull/1163
Source: [email protected]

Issue Tracking Patch