CVE-2025-59375: CWE-770 Allocation of Resources Without Limits or Throttling in libexpat project libexpat
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
AI Analysis
Technical Summary
The libexpat XML parser prior to version 2.7.2 contains a vulnerability (CWE-770) that allows an attacker to trigger large dynamic memory allocations by submitting a crafted small XML document. This lack of limits or throttling on resource allocation can result in denial of service conditions. The CVSS 3.1 base score is 7.5, indicating high severity, with network attack vector, low attack complexity, no privileges or user interaction required, and high impact on availability. A temporary fix is available, but the vendor has not yet released a full official patch.
Potential Impact
Successful exploitation of this vulnerability can cause denial of service by exhausting memory resources on the system running libexpat, potentially leading to application or system crashes. No impact on confidentiality or integrity is reported. No known exploits are currently in the wild.
Mitigation Recommendations
A temporary fix is available for this vulnerability. Users should apply the temporary fix as recommended by the vendor. Since this is not a full official patch, monitoring vendor advisories for a complete fix is advised. No additional mitigation steps are specified by the vendor at this time.
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-09-15T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: temporary-fix
Threat ID: 68c781b639776bc2a148c65c
Added to database: 9/15/2025, 3:02:14 AM
Last enriched: 5/2/2026, 1:57:23 AM
Last updated: 5/10/2026, 2:39:16 AM