Critical severity9.1NVD Advisory· Published Jun 16, 2025· Updated May 12, 2026
CVE-2025-49796
CVE-2025-49796
Description
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
32- access.redhat.com/errata/RHSA-2025:10630nvd
- access.redhat.com/errata/RHSA-2025:10698nvd
- access.redhat.com/errata/RHSA-2025:10699nvd
- access.redhat.com/errata/RHSA-2025:11580nvd
- access.redhat.com/errata/RHSA-2025:12098nvd
- access.redhat.com/errata/RHSA-2025:12099nvd
- access.redhat.com/errata/RHSA-2025:12199nvd
- access.redhat.com/errata/RHSA-2025:12237nvd
- access.redhat.com/errata/RHSA-2025:12239nvd
- access.redhat.com/errata/RHSA-2025:12240nvd
- access.redhat.com/errata/RHSA-2025:12241nvd
- access.redhat.com/errata/RHSA-2025:13267nvd
- access.redhat.com/errata/RHSA-2025:13335nvd
- access.redhat.com/errata/RHSA-2025:15397nvd
- access.redhat.com/errata/RHSA-2025:15827nvd
- access.redhat.com/errata/RHSA-2025:15828nvd
- access.redhat.com/errata/RHSA-2025:18217nvd
- access.redhat.com/errata/RHSA-2025:18218nvd
- access.redhat.com/errata/RHSA-2025:18219nvd
- access.redhat.com/errata/RHSA-2025:18240nvd
- access.redhat.com/errata/RHSA-2025:19020nvd
- access.redhat.com/errata/RHSA-2025:19041nvd
- access.redhat.com/errata/RHSA-2025:19046nvd
- access.redhat.com/errata/RHSA-2025:19894nvd
- access.redhat.com/errata/RHSA-2025:21913nvd
- access.redhat.com/errata/RHSA-2026:0934nvd
- access.redhat.com/errata/RHSA-2026:7519nvd
- access.redhat.com/security/cve/CVE-2025-49796nvd
- bugzilla.redhat.com/show_bug.cginvd
- cert-portal.siemens.com/productcert/html/ssa-577017.htmlnvd
- gitlab.gnome.org/GNOME/libxml2/-/issues/933nvd
- lists.debian.org/debian-lts-announce/2025/07/msg00014.htmlnvd
News mentions
1- Siemens Ruggedcom RoxCISA Alerts