CVE-2026-41080LowCVSS 2.9

libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.

Published
June 2, 2026
Last Modified

🔗 CVE IDs covered (1)