CVE-2026-56410: CWE-190 Integer Overflow or Wraparound in libexpat project libexpat
CVE-2026-56410 is an integer overflow vulnerability in the xmlwf tool of the libexpat project, specifically in the resolveSystemId function. This issue affects versions of libexpat before 2.8.2. The vulnerability has a CVSS score of 6.9, indicating a medium severity level. It allows an attacker with local access and high attack complexity to potentially cause high confidentiality and integrity impact with low availability impact. No official patch or remediation information is currently provided.
AI Analysis
Technical Summary
The vulnerability CVE-2026-56410 involves an integer overflow or wraparound in the resolveSystemId function within the xmlwf component of the libexpat project. This flaw exists in versions prior to 2.8.2 and could lead to memory corruption or other unintended behavior due to improper handling of integer values. The CVSS 3.1 vector indicates that exploitation requires local access, high attack complexity, no privileges, and no user interaction, with high impact on confidentiality and integrity and low impact on availability.
Potential Impact
Successful exploitation of this integer overflow could lead to unauthorized disclosure or modification of data (high confidentiality and integrity impact) and limited disruption of service (low availability impact). The attack requires local access and is considered complex to execute, reducing the likelihood of widespread exploitation. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official patch or remediation level is provided, users should monitor libexpat project advisories for updates. Until a fix is available, avoid running untrusted XML files with the affected xmlwf tool and restrict local access to trusted users only.
CVE-2026-56410: CWE-190 Integer Overflow or Wraparound in libexpat project libexpat
Description
CVE-2026-56410 is an integer overflow vulnerability in the xmlwf tool of the libexpat project, specifically in the resolveSystemId function. This issue affects versions of libexpat before 2.8.2. The vulnerability has a CVSS score of 6.9, indicating a medium severity level. It allows an attacker with local access and high attack complexity to potentially cause high confidentiality and integrity impact with low availability impact. No official patch or remediation information is currently provided.
CVSS v3.1
Score 6.9medium
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2026-56410 involves an integer overflow or wraparound in the resolveSystemId function within the xmlwf component of the libexpat project. This flaw exists in versions prior to 2.8.2 and could lead to memory corruption or other unintended behavior due to improper handling of integer values. The CVSS 3.1 vector indicates that exploitation requires local access, high attack complexity, no privileges, and no user interaction, with high impact on confidentiality and integrity and low impact on availability.
Potential Impact
Successful exploitation of this integer overflow could lead to unauthorized disclosure or modification of data (high confidentiality and integrity impact) and limited disruption of service (low availability impact). The attack requires local access and is considered complex to execute, reducing the likelihood of widespread exploitation. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official patch or remediation level is provided, users should monitor libexpat project advisories for updates. Until a fix is available, avoid running untrusted XML files with the affected xmlwf tool and restrict local access to trusted users only.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-06-21T15:54:59.828Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a380caeeed863c81e0981b6
Added to database: 06/21/2026, 16:09:18 UTC
Last enriched: 06/21/2026, 16:24:05 UTC
Last updated: 06/22/2026, 03:56:57 UTC
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.