CVE-2025-49794 – “Libxml2 Use-After-Free XPath Element Parsing Vulnerability”

June 16, 2025

CVE ID : CVE-2025-49794

Published : June 16, 2025, 4:15 p.m. | 2 hours, 6 minutes ago

Description : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program’s crash using libxml or other possible undefined behaviors.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49796 – Libxml2 Denial of Service Memory Corruption

Next Article CVE-2025-6126 – PHPGurukul Rail Pass Management System Cross Site Scripting Vulnerability

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

‘No aggressive monetization’ — Nexus Mods’ new ownership responds to worried members

Build AI Agents That Run Your Day – While You Focus on What Matters

Build AI Agents That Run Your Day – While You Focus on What Matters

Faster Builds in Meteor 3.3: Modern Build Stack with SWC and Bundler Optimizations

How to Change Redirect After Login/Register in Laravel Breeze

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

CVE-2025-49794 – “Libxml2 Use-After-Free XPath Element Parsing Vulnerability”

The “Infinite Workday” is Here: Microsoft Warns of Never-Ending Work Driven by Hybrid Models & AI

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping

CVE-2025-48493 – “Redis AUTH Credentials Exposed in Yii Logs”

CVE-2025-31641 – LambertGroup UberSlider SQL Injection

Create a unit testing framework for PostgreSQL using the pgTAP extension

CVE-2025-28033 – Totolink Router Pre-Auth Buffer Overflow Vulnerability

Filter Model Attributes with Laravel’s New except() Method

The Elder Scrolls 4: Oblivion Remastered buying guide — Which version of the game is right for you?

Mobile Device Security Policy

These old iPhones, Macs, and iPads won’t run Apple’s latest updates – did yours make the cut?

CVE-2025-49794 – “Libxml2 Use-After-Free XPath Element Parsing Vulnerability”

Related Posts