CVE-2025-49796 – Libxml2 Denial of Service Memory Corruption

June 16, 2025

CVE ID : CVE-2025-49796

Published : June 16, 2025, 4:15 p.m. | 1 hour, 44 minutes ago

Description : A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49795 – XML Denial of Service in libxml2

Next Article CVE-2025-49794 – “Libxml2 Use-After-Free XPath Element Parsing Vulnerability”

Highlights

CVE-2025-49580 – XWiki Cross-Site Scripting (XSS) Vulnerability

June 13, 2025

CVE ID : CVE-2025-49580

Published : June 13, 2025, 4:15 p.m. | 1 hour, 51 minutes ago

Description : XWiki is a generic wiki platform. From 8.2 and 7.4.5 until 17.1.0-rc-1, 16.10.4, and 16.4.7, pages can gain script or programming rights when they contain a link and the target of the link is renamed or moved. This might lead to execution of scripts contained in xobjects that should have never been executed. This vulnerability is fixed in 17.1.0-rc-1, 16.10.4, and 16.4.7.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

August 25, 2025

Best early Prime Day robot vacuum deals: My 20 favorite sales live now

June 18, 2025

CVE-2025-7626 – YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

July 14, 2025

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-49796 – Libxml2 Denial of Service Memory Corruption

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Virtual Space Atmos: l’audio spaziale finalmente sui sistemi GNU/Linux

Critical OpenVPN Driver Vulnerability Allows Attackers to Crash Windows Systems

⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More

How to Deploy a Next.js Blog on Sevalla

CVE-2025-49580 – XWiki Cross-Site Scripting (XSS) Vulnerability

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Best early Prime Day robot vacuum deals: My 20 favorite sales live now

CVE-2025-7626 – YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

CVE-2025-49796 – Libxml2 Denial of Service Memory Corruption

Related Posts