Vulnerabilities

CVE-2026-7210

by Fred · 11/05/2026

`xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.rnrnFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch.

More information : https://github.com/python/cpython/issues/149018

Similar

Tags: Cybersecurity Alert