CVE-2026-56409
MEDIUM
NVD
CVSS Score
6.5
Severity
MEDIUM
Published
Jun 21, 2026
Vendor
unknown
Description
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used.
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used.