CVE-2025-49796 – Libxml2 Denial of Service Memory Corruption

June 16, 2025

CVE ID : CVE-2025-49796

Published : June 16, 2025, 4:15 p.m. | 1 hour, 44 minutes ago

Description : A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49795 – XML Denial of Service in libxml2

Next Article CVE-2025-49794 – “Libxml2 Use-After-Free XPath Element Parsing Vulnerability”

Highlights

CVE-2025-48381 – CVAT Information Disclosure Vulnerability

May 30, 2025

CVE ID : CVE-2025-48381

Published : May 30, 2025, 4:15 a.m. | 48 minutes ago

Description : Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. In versions starting from 2.4.0 to before 2.38.0, an authenticated CVAT user may be able to retrieve the IDs and names of all tasks, projects, labels, and the IDs of all jobs and quality reports on the CVAT instance. In addition, if the instance contains many resources of a particular type, retrieving this information may tie up system resources, denying access to legitimate users. This issue has been patched in version 2.38.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Managing the growing risk profile of agentic AI and MCP in the enterprise

How To Prevent WordPress SQL Injection Attacks

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Windows 11 news and updates in June: Microsoft’s AI agent in Settings makes adjusting your PC easier than ever

uBlock Origin ships to Edge for Android as Google kills it on Chrome

Windows Hello face unlock no longer works in the dark, and Microsoft says it’s not a bug

Community News: Latest PECL Releases (06.17.2025)

Community News: Latest PECL Releases (06.17.2025)

Stream-Omni: Simultaneous Multimodal Interactions with Large Language-Vision-Speech Model

How Inclusive Design Leading and Creating Solutions for Universal Design

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Windows 11 news and updates in June: Microsoft’s AI agent in Settings makes adjusting your PC easier than ever

uBlock Origin ships to Edge for Android as Google kills it on Chrome

CVE-2025-49796 – Libxml2 Denial of Service Memory Corruption

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Raspberry Pi 5 Desktop Mini PC: Ollama GUI

Berserk is a UCI compliant chess engine

6 Best Free and Open Source Virtual Globes

CVE-2025-45985 – Blink Router Command Injection Vulnerability

CVE-2025-48381 – CVAT Information Disclosure Vulnerability

CVE-2025-29688 – “OA System XSS Vulnerability”

CVE-2025-37774 – Linux Kernel Slab Object Extensions Vulnerability

How Hexagon built an AI assistant using AWS generative AI services

CVE-2025-49796 – Libxml2 Denial of Service Memory Corruption

Related Posts