CVE-2026-25210

Publication date

2026-01-30 06:40:27

Family

mitre

State

PUBLISHED

Description

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.