Stack Overflow in libxml2 xmlcatalog --shell mode
CVE-2026-11979 Published on June 29, 2026

Stack-Based Buffer Overflow in libxml2
libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function processes user input using fixed-size stack buffers without proper bounds checking. By supplying an overly long input line, an attacker can overflow internal buffers (command, arg, and argv) during input parsing. This results in memory corruption within the stack frame. Successful exploitation may cause a crash or potentially allow arbitrary code execution in the context of the xmlcatalog process. This issue has been fixed in the commit c2e233fc. NOTE: The maintainers of this project did not agree that this issue is a vulnerability and considered it a bug.
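The weakness described above is a fixed-size stack buffer filled from an interactive input line without a length check. The C program below is added here as an illustration of the bounded pattern a defender would expect instead; it is not libxml2's code and not taken from the referenced commit. It parses a shell-style line into `command`, `arg` and `argv` buffers of fixed size and refuses any line that would not fit, rather than copying past the end of the arrays. The buffer sizes, the struct and function names (`shell_line`, `parse_shell_line`, `oversize_line_is_rejected`) and the sample input line are constructed assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed buffer sizes for the illustration; any fixed sizes work. */
#define CMD_MAX  32
#define ARG_MAX  256
#define ARGV_MAX 16

/* One parsed shell line: command token, raw argument text, and an
 * argv split of that text. All storage is fixed-size, so every copy
 * below is bounded by the destination length. */
typedef struct {
    char  command[CMD_MAX];
    char  arg[ARG_MAX];
    char  argbuf[ARG_MAX];      /* private copy that argv[] points into */
    char *argv[ARGV_MAX];
    int   argc;
} shell_line;

/* Returns 0 on success, -1 if any token would overflow its buffer or the
 * argument count would exceed ARGV_MAX. An unchecked strcpy/sscanf("%s")
 * into these arrays would instead write past the stack frame. */
int parse_shell_line(const char *line, shell_line *out) {
    const char *p = line;
    size_t n;

    memset(out, 0, sizeof(*out));

    while (*p == ' ' || *p == '\t') p++;            /* leading blanks */

    /* command token: must be non-empty and leave room for the NUL */
    n = strcspn(p, " \t\r\n");
    if (n == 0 || n >= sizeof(out->command)) return -1;
    memcpy(out->command, p, n);
    out->command[n] = '\0';
    p += n;
    while (*p == ' ' || *p == '\t') p++;

    /* remainder of the line (minus newline) is the argument text */
    n = strcspn(p, "\r\n");
    if (n >= sizeof(out->arg)) return -1;
    memcpy(out->arg, p, n);
    out->arg[n] = '\0';

    /* tokenize a private copy so out->arg stays intact for the caller */
    memcpy(out->argbuf, out->arg, n + 1);
    char *q = out->argbuf;
    while (*q) {
        while (*q == ' ' || *q == '\t') q++;
        if (*q == '\0') break;
        if (out->argc >= ARGV_MAX - 1) return -1;   /* keep slot for NULL */
        out->argv[out->argc++] = q;
        while (*q && *q != ' ' && *q != '\t') q++;
        if (*q) *q++ = '\0';
    }
    out->argv[out->argc] = NULL;
    return 0;
}

/* Constructs a line longer than ARG_MAX and reports whether the parser
 * rejected it (1) instead of overflowing (0). */
int oversize_line_is_rejected(void) {
    char line[ARG_MAX + 64];
    memset(line, 'A', sizeof(line) - 1);
    line[sizeof(line) - 1] = '\0';
    memcpy(line, "add ", 4);
    shell_line sl;
    return parse_shell_line(line, &sl) == -1;
}

int main(void) {
    shell_line sl;
    /* constructed sample line, not a real catalog entry */
    const char *sample = "add public sample-id sample.dtd\n";
    if (parse_shell_line(sample, &sl) == 0) {
        printf("command=%s argc=%d\n", sl.command, sl.argc);
        for (int i = 0; i < sl.argc; i++)
            printf("  argv[%d]=%s\n", i, sl.argv[i]);
    }
    printf("oversize line rejected: %d\n", oversize_line_is_rejected());
    return 0;
}
```

The detection-worthy property is the early `return -1` on each length check: the input length is compared against the destination size before any byte is copied, so an overlong line is an ordinary error rather than stack corruption.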

NVD

Weakness Type

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2026-11979 has been classified as a Stack Overflow vulnerability or weakness.


Products Associated with CVE-2026-11979

Affected Versions

xmlsoft libxml2: