FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Vulnerability found in Expat

Affected packages
expat < 2.8.1
linux-c7-expat < 2.8.1
linux-rl9-expat < 2.8.1

Details

VuXML ID bacc1417-4d82-11f1-87f3-18dbf25a98c6
Discovery 2025-10-01
Entry 2026-05-11

Expat 2.8.1 was released yesterday. The key motivation for cutting a release and doing so now was:

Fixing vulnerability CVE-2026-45186 that allows easy denial of service.

See also https://github.com/libexpat/libexpat/pull/1216

[source]

References

CVE Name CVE-2026-45186
URL https://nvd.nist.gov/vuln/detail/CVE-2026-45186

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.