NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-6653

Summary	Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via maliciously crafted XML input with improper entity resolution handling.
Publication Date	June 22, 2026, 11:17 p.m.
Registration Date	June 27, 2026, 4:09 a.m.
Last Update	June 23, 2026, 3:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/2141260	security@ubuntu.com
2	https://gitlab.gnome.org/GNOME/libxml2/-/work_items/1058	security@ubuntu.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-611	XML 外部エンティティ参照の不適切な制限	https://cwe.mitre.org/data/definitions/611.html
2	CWE-416	解放済みメモリの使用	https://cwe.mitre.org/data/definitions/416.html