Unrated severityNVD Advisory· Published Mar 13, 2026· Updated Mar 16, 2026

Type Confusion in Lexbor Fragment Parser

CVE-2026-29079

Description

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting the qualified_name field. That corrupted value is later used as a pointer and dereferenced near the zero page. This vulnerability is fixed in 2.7.0.

Affected products

Lexbor/Lexborllm-create
Range: <2.7.0
lexbor/lexborv5
Range: < 2.7.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/lexbor/lexbor/security/advisories/GHSA-mrpr-v36q-2vp8mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000