CVE-2026-0989

EUVD-2026-2796
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
xmlsoftlibxml2
𝑥
< 2.15.2
redhathardened_images
-
redhatjboss_core_services
-
redhatopenshift_container_platform
4.0
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
redhatenterprise_linux
10.0
ibmvios
4.1.0 ≤
𝑥
< 4.1.1.30
ibmvios
4.1.2.0
ibmaix
7.2.5 ≤
𝑥
< 7.2.5.12
ibmaix
7.3.2 ≤
𝑥
< 7.3.3.3
ibmaix
7.3.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libxml2
bookworm
2.9.14+dfsg-1.3~deb12u6
fixed
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
2.9.10+dfsg-6.7+deb11u10
fixed
forky
2.15.3+dfsg-1
fixed
sid
2.15.3+dfsg-1
fixed
trixie
2.12.7+dfsg+really2.9.14-2.1+deb13u3
fixed
trixie (security)
vulnerable
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libxml2-2
suse enterprise desktop 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise sap 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise server 12 SP3
2.9.4-46.96.1
fixed
suse enterprise server 15 SP4
2.9.14-150400.5.55.1
fixed
suse enterprise server 15 SP7
2.12.10-150700.4.11.1
fixed
libxml2-2-32bit
suse enterprise desktop 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise sap 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise server 12 SP3
2.9.4-46.96.1
fixed
suse enterprise server 15 SP4
2.9.14-150400.5.55.1
fixed
suse enterprise server 15 SP7
2.12.10-150700.4.11.1
fixed
libxml2-devel
suse enterprise desktop 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise sap 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise server 15 SP4
2.9.14-150400.5.55.1
fixed
suse enterprise server 15 SP7
2.12.10-150700.4.11.1
fixed
libxml2-doc
suse enterprise server 12 SP3
2.9.4-46.96.1
fixed
libxml2-tools
suse enterprise desktop 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise sap 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise server 12 SP3
2.9.4-46.96.1
fixed
suse enterprise server 15 SP4
2.9.14-150400.5.55.1
fixed
suse enterprise server 15 SP7
2.12.10-150700.4.11.1
fixed
python-libxml2
suse enterprise server 12 SP3
2.9.4-46.96.1
fixed
python3-libxml2
suse enterprise desktop 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise sap 15 SP7
2.12.10-150700.4.11.1
fixed
suse enterprise server 15 SP4
2.9.14-150400.5.55.1
fixed
suse enterprise server 15 SP7
2.12.10-150700.4.11.1
fixed
python311-libxml2
suse enterprise server 15 SP4
2.9.14-150400.5.55.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
libxml2
Amazon Linux 2
0:2.9.1-6.amzn2.5.23
fixed
Amazon Linux 2023
0:2.10.4-1.amzn2023.0.17
fixed
libxml2-debuginfo
Amazon Linux 2
0:2.9.1-6.amzn2.5.23
fixed
Amazon Linux 2023
0:2.10.4-1.amzn2023.0.17
fixed
libxml2-debugsource
Amazon Linux 2023
0:2.10.4-1.amzn2023.0.17
fixed
libxml2-devel
Amazon Linux 2
0:2.9.1-6.amzn2.5.23
fixed
Amazon Linux 2023
0:2.10.4-1.amzn2023.0.17
fixed
libxml2-python
Amazon Linux 2
0:2.9.1-6.amzn2.5.23
fixed
libxml2-static
Amazon Linux 2
0:2.9.1-6.amzn2.5.23
fixed
Amazon Linux 2023
0:2.10.4-1.amzn2023.0.17
fixed
python3-libxml2
Amazon Linux 2023
0:2.10.4-1.amzn2023.0.17
fixed
python3-libxml2-debuginfo
Amazon Linux 2023
0:2.10.4-1.amzn2023.0.17
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
libxml2
Azure Linux 3.0
0:2.11.5-10.azl3
fixed