vulnerability
SUSE: CVE-2026-0989: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jan 30, 2026 | Jan 30, 2026 | Feb 12, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jan 30, 2026
Added
Jan 30, 2026
Modified
Feb 12, 2026
Description
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.
Solutions
suse-upgrade-libxml2-2suse-upgrade-libxml2-2-32bitsuse-upgrade-libxml2-develsuse-upgrade-libxml2-devel-32bitsuse-upgrade-libxml2-docsuse-upgrade-libxml2-toolssuse-upgrade-python-libxml2suse-upgrade-python3-libxml2suse-upgrade-python3-libxml2-pythonsuse-upgrade-python311-libxml2suse-upgrade-python313-libxml2
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.