CVE-2026-41080
Published
CVSS v3
2.9
LOW
CVSS v2
N/A
Affected
1
PROJECT
Description
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
:herb: Fast streaming XML parser written in C99 with >90% test coverage; moved from SourceForge to GitHub
GitHub