CVE-2025-6170

2.5 LOW

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files

Published: 2025-06-16 · Last updated: 2026-06-02

Severity and scoring

CVSS: 2.5 LOW
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CWE: CWE-121

Affected products

Vendor | Product
redhat | enterprise_linux, jboss_core_services, libxml2
xmlsoft | enterprise_linux, jboss_core_services, libxml2

Description

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

Source: NVD

Related CVEs

Same vendor

  • CVE-2026-50259 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-50258 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-50257 A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence() (7.8 HIGH)
  • CVE-2026-50256 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-1784 The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy (8.8 HIGH)

Same CWE

  • CVE-2026-49760 Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow
  • CVE-2026-49759 Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by...
  • CVE-2026-26241 A buffer overflow vulnerability has been reported to affect File Station 5
  • CVE-2026-26240 A buffer overflow vulnerability has been reported to affect File Station 5
  • CVE-2026-26239 A buffer overflow vulnerability has been reported to affect File Station 5