CVE-2026-24515

Publication date

2026-01-23 07:46:36

Family

mitre

State

PUBLISHED

Description

In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.