Integer Overflow Vulnerability in libexpat: CVE-2026-56404
A medium-severity integer overflow vulnerability (CVE-2026-56404) was discovered in libexpat before version 2.8.2. The flaw, which has a CVSS score of 6.9, is in the addBinding function and could lead to high confidentiality and integrity impacts. Although it is not currently being actively exploited, organizations are advised to update to version 2.8.2 or later to mitigate it.
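To act on the upgrade advice, the sketch below flags expat versions older than 2.8.2, both for the copy the Python interpreter's own XML parser is built against and for a package inventory. It is an added example, not code from the advisory or the libexpat project; the helper names and the sample inventory are constructed for illustration.

```python
import re
from xml.parsers import expat

FIXED = (2, 8, 2)  # first fixed release named in the advisory above


def parse_expat_version(text):
    """Return (major, minor, micro) from strings such as 'expat_2.7.1',
    '2.8.2' or a distro package version like '1:2.6.1-2ubuntu0.3'."""
    # The lookbehind skips a leading epoch ("1:") and partial matches.
    m = re.search(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no expat version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(version_text):
    """True when the version is below 2.8.2. Compares integers, so
    2.10.0 sorts after 2.8.2 (a plain string compare would not)."""
    return parse_expat_version(version_text) < FIXED


def audit(inventory):
    """Given {asset name: version string}, return sorted affected assets.
    Caveat: a distro may backport the fix without changing the upstream
    version number, so treat hits as candidates to verify, not proof."""
    return sorted(name for name, ver in inventory.items() if is_affected(ver))


# Constructed sample inventory (hypothetical hosts and package versions).
SAMPLE_INVENTORY = {
    "build-agent-01": "expat_2.7.1",
    "api-gateway": "2.8.2",
    "legacy-batch": "1:2.6.1-2ubuntu0.3",
    "edge-proxy": "2.10.0",
}

if __name__ == "__main__":
    # expat.EXPAT_VERSION reports the libexpat this interpreter uses.
    runtime = expat.EXPAT_VERSION
    state = "AFFECTED" if is_affected(runtime) else "ok"
    print(f"python runtime: {runtime} -> {state}")
    for name in audit(SAMPLE_INVENTORY):
        print(f"{name}: {SAMPLE_INVENTORY[name]} -> AFFECTED")
```

Interpreters and applications that bundle their own libexpat are not updated by a system package upgrade, which is why the runtime check is worth running separately.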