CVE-2026-56132
MEDIUM
NVD
CVSS Score
6.9
Severity
MEDIUM
Published
Jun 19, 2026
Vendor
unknown
Description
In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.