Memory Corruption Vulnerability in libxml2 Affecting Various Applications
CVE-2025-49796

9.1CRITICAL

Key Information:

Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 7 Extended Lifecycle Support
Red Hat Enterprise Linux 8
Vendor
CVE Published:
16 June 2025

What is CVE-2025-49796?

A vulnerability in libxml2 allows attackers to exploit the processing of specific sch:name elements within XML files. This can trigger a memory corruption issue, potentially leading to crashes and undefined behavior. The flaw enables the creation of malicious XML input files that can compromise the integrity of the application using libxml2, resulting in the risk of denial of service and exposure of sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2025:10630
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10698
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10699
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.