CVE-2026-6732

Summary

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Hardened Images2.15.3-0.1.hum1 < *unaffected

Weaknesses

  • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References