CVE-2026-24515
EUVD-2026-442423.01.2026, 08:16
In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libexpat_project | libexpat | 𝑥 < 2.7.4 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | RUGGEDCOM RST2428P | 𝑥 < V4.0 | ADP |
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| expat |
| ||||||||||
| libexpat-devel |
| ||||||||||
| libexpat1 |
| ||||||||||
| libexpat1-32bit |
|
Azure Linux Releases
Common Weakness Enumeration
Vulnerability Media Exposure