Libxml2 Security Update Advisory (CVE-2024-40896)

Dec 30 2025

Overview

we have released a security update to address a vulnerability in libxml2. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2024-40896

libxml2 Versions: ~2.11.9 (excluded)
libxml2 Version: ~2.12.9 (excluded)
libxml2 Version: ~2.13.3 (excluded)

Resolved Vulnerabilities

XML External Entity vulnerability (CVE-2024-40896) that could allow access to user information or cause a Dos attack

Vulnerability Patches

vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-40896

libxml2 version: 2.11.9
libxml2 version: 2.12.9
libxml2 version: 2.13.3

References

[1] cve-2024-40896 (cvss 9.1): Critical XXE Vulnerability Discovered in libxml2
https://securityonline.info/cve-2024-40896-cvss-9-1-critical-xxe-vulnerability-discovered-in-libxml2/

Libxml2 Security Update Advisory (CVE-2024-40896)

WatchGuard Product Security Update Advisory (CVE-2025-14733)

Palo Alto Networks (PAN-OS, Prisma Access) Products December 2024 Security Update Advisory

Tags:

WatchGuard Product Security Update Advisory (CVE-2025-14733)

Palo Alto Networks (PAN-OS, Prisma Access) Products December 2024 Security Update Advisory