{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-24515", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-01-23T07:46:36.099Z", "datePublished": "2026-01-23T07:46:36.397Z", "dateUpdated": "2026-01-23T15:31:51.679Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "libexpat", "vendor": "libexpat project", "versions": [{"lessThan": "2.7.4", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-01-23T07:53:00.374Z"}, "references": [{"url": "https://github.com/libexpat/libexpat/pull/1131"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.7.4"}]}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-23T15:31:37.399635Z", "id": "CVE-2026-24515", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-23T15:31:51.679Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24515", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-23T15:31:37.399635Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-23T15:31:46.915Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.9, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "libexpat project", "product": "libexpat", "versions": [{"status": "affected", "version": "0", "lessThan": "2.7.4", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/libexpat/libexpat/pull/1131"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "descriptions": [{"lang": "en", "value": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.7.4"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-01-23T07:53:00.374Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24515", "state": "PUBLISHED", "dateUpdated": "2026-01-23T15:31:51.679Z", "dateReserved": "2026-01-23T07:46:36.099Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-01-23T07:46:36.397Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*", "matchCriteriaId": "8506CE35-F4E2-420E-99FB-FC24254BF7DE", "versionEndExcluding": "2.7.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data."}], "id": "CVE-2026-24515", "lastModified": "2026-02-05T17:27:53.290", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-01-23T08:16:01.490", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://github.com/libexpat/libexpat/pull/1131"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "cve@mitre.org", "type": "Primary"}]}

{"bugzilla": {"description": "libexpat: libexpat null pointer dereference", "id": "2432312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432312"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.9", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-476", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-24515", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "expat", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "compat-expat1", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "expat", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "expat", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "expat", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "mingw-expat", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "expat", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-01-23T07:46:36Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-24515\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-24515\nhttps://github.com/libexpat/libexpat/pull/1131"], "threat_severity": "Low"}

{"analysis": {"en": {"generated_at": "2026-04-18T03:13:14.366317+00:00", "value": {"mitigation_remediation": ["Upgrade libexpat to version 2.7.4 or later, which includes the null\u2011check fix.", "If an upgrade is not immediately feasible, disable the use of XML_ExternalEntityParserCreate with unknown encoding handlers or turn off external entity parsing altogether.", "Review the application\u2019s XML processing pipeline for additional null\u2011dereference risks and apply input validation or configuration hardening as needed."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "All installations of the libexpat library older than version 2.7.4 are potentially affected. Applications that embed libexpat and invoke XML_ExternalEntityParserCreate\u2014such as web servers, document processors, or other XML\u2011handling software\u2014are at risk if they are linked against an unpatched library.", "description_and_impact": "The vulnerability resides in libexpat, where the function XML_ExternalEntityParserCreate fails to copy user data for unknown encoding handlers, leading to a null pointer dereference. This flaw can cause an application to crash when processing XML input that specifies an unfamiliar encoding, resulting in a denial of service. The weakness is classified as CWE\u2011476, a null pointer dereference.", "risk_and_exploitability": "The CVSS score of 2.9 indicates a low severity impact, and the EPSS score of less than 1% shows a very low probability of exploitation at present. The vulnerability is not listed in the CISA KEV catalog, and no public exploits have been reported. Attackers would need to supply crafted XML content to trigger the crash, so an attacker must have the ability to influence input to the vulnerable parser."}}}}, "created": "2026-04-18T03:15:35.435494+00:00", "updated": "2026-04-18T03:15:35.435513+00:00", "vendors": []}