VYPR
Medium severity5.5NVD Advisory· Published Nov 11, 2025· Updated May 19, 2026

CVE-2025-12748

CVE-2025-12748

Description

A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvirt to allocate too much memory on the host. The excessive memory consumption could lead to a libvirt process crash on the host, resulting in a denial-of-service condition.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

50

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.