A denial-of-service vulnerability (CVE-2026-45186, CVSS 2.9) in the libexpat XML parser allows an attacker to crash affected services via crafted XML input. The vulnerability affects libexpat versions prior to 2.8.1. The fix requires updating the expat package to version 2.8.1 or later.
Red Hat Product Errata RHSA-2026:22715 - Security Advisory Issued: 2026-06-03 Updated: 2026-06-03 RHSA-2026:22715 - Security Advisory Overview Updated Packages Synopsis Important: expat security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for expat is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Expat is a C library for parsing XML documents. Security Fix(es): libexpat: denial of service via crafted XML input (CVE-2026-45186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2468575 - CVE-2026-45186 libexpat: denial of service via crafted XML input CVEs CVE-2026-45186 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 x86_64 expat-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: 77280b9f04b396003ad79ad918f164c8f05ac55998ba9663906045ada679ce5b expat-debuginfo-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: df34b18f28c4c91340bea4445f3aa77ccb6c74bfef3ac3696b5171b2738885dc expat-debuginfo-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: df34b18f28c4c91340bea4445f3aa77ccb6c74bfef3ac3696b5171b2738885dc expat-debugsource-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: fd91a54b2f13e223fcdffe30541eb441f979e21261d954a9cb702efc848f0e2f expat-debugsource-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: fd91a54b2f13e223fcdffe30541eb441f979e21261d954a9cb702efc848f0e2f expat-devel-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: 1dfef7bd9019b994c13c5091a8c7e00590ba942533541c302cd6b576870241a6 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 x86_64 expat-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: 77280b9f04b396003ad79ad918f164c8f05ac55998ba9663906045ada679ce5b expat-debuginfo-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: df34b18f28c4c91340bea4445f3aa77ccb6c74bfef3ac3696b5171b2738885dc expat-debuginfo-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: df34b18f28c4c91340bea4445f3aa77ccb6c74bfef3ac3696b5171b2738885dc expat-debugsource-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: fd91a54b2f13e223fcdffe30541eb441f979e21261d954a9cb702efc848f0e2f expat-debugsource-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: fd91a54b2f13e223fcdffe30541eb441f979e21261d954a9cb702efc848f0e2f expat-devel-2.7.3-1.el10_2.1.x86_64.rpm SHA-256: 1dfef7bd9019b994c13c5091a8c7e00590ba942533541c302cd6b576870241a6 Red Hat Enterprise Linux for IBM z Systems 10 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 s390x expat-2.7.3-1.el10_2.1.s390x.rpm SHA-256: 11d8cb024f5c999898bd2d64a3b81de6273cf301c51409ee95ad1c2c23c8c070 expat-debuginfo-2.7.3-1.el10_2.1.s390x.rpm SHA-256: 6c5fd445b77af2e0ea9d448de28b345cf5d0a8b4c639d029c0fabc8334a41b25 expat-debuginfo-2.7.3-1.el10_2.1.s390x.rpm SHA-256: 6c5fd445b77af2e0ea9d448de28b345cf5d0a8b4c639d029c0fabc8334a41b25 expat-debugsource-2.7.3-1.el10_2.1.s390x.rpm SHA-256: e09aa587c091643e6e5ed463c9bd023c3b1540b96e1bb26a52a2bab9cf9a6f04 expat-debugsource-2.7.3-1.el10_2.1.s390x.rpm SHA-256: e09aa587c091643e6e5ed463c9bd023c3b1540b96e1bb26a52a2bab9cf9a6f04 expat-devel-2.7.3-1.el10_2.1.s390x.rpm SHA-256: a7e2309e3e858a0fbde3df91d9b892fa019b5f9608ca5e38fdc748ed79aa08d5 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 s390x expat-2.7.3-1.el10_2.1.s390x.rpm SHA-256: 11d8cb024f5c999898bd2d64a3b81de6273cf301c51409ee95ad1c2c23c8c070 expat-debuginfo-2.7.3-1.el10_2.1.s390x.rpm SHA-256: 6c5fd445b77af2e0ea9d448de28b345cf5d0a8b4c639d029c0fabc8334a41b25 expat-debuginfo-2.7.3-1.el10_2.1.s390x.rpm SHA-256: 6c5fd445b77af2e0ea9d448de28b345cf5d0a8b4c639d029c0fabc8334a41b25 expat-debugsource-2.7.3-1.el10_2.1.s390x.rpm SHA-256: e09aa587c091643e6e5ed463c9bd023c3b1540b96e1bb26a52a2bab9cf9a6f04 expat-debugsource-2.7.3-1.el10_2.1.s390x.rpm SHA-256: e09aa587c091643e6e5ed463c9bd023c3b1540b96e1bb26a52a2bab9cf9a6f04 expat-devel-2.7.3-1.el10_2.1.s390x.rpm SHA-256: a7e2309e3e858a0fbde3df91d9b892fa019b5f9608ca5e38fdc748ed79aa08d5 Red Hat Enterprise Linux for Power, little endian 10 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 ppc64le expat-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 3f4e04b4f25c9d8b4cca898dc7b9bd584521dd4040dd0c5717e82686e8539685 expat-debuginfo-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 2f5a8f7141573d96bd941fa51ea956873899892456d24c6e501a38f78fa3ab16 expat-debuginfo-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 2f5a8f7141573d96bd941fa51ea956873899892456d24c6e501a38f78fa3ab16 expat-debugsource-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 5050b9acdfd1c2081fbaaff3d9a6da42a5213241f8596118c2d2473d39813366 expat-debugsource-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 5050b9acdfd1c2081fbaaff3d9a6da42a5213241f8596118c2d2473d39813366 expat-devel-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 8401ca9a92308db972ae56c7e078ef2a414f0b72d7fab1393fae65bbf1599b13 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 ppc64le expat-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 3f4e04b4f25c9d8b4cca898dc7b9bd584521dd4040dd0c5717e82686e8539685 expat-debuginfo-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 2f5a8f7141573d96bd941fa51ea956873899892456d24c6e501a38f78fa3ab16 expat-debuginfo-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 2f5a8f7141573d96bd941fa51ea956873899892456d24c6e501a38f78fa3ab16 expat-debugsource-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 5050b9acdfd1c2081fbaaff3d9a6da42a5213241f8596118c2d2473d39813366 expat-debugsource-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 5050b9acdfd1c2081fbaaff3d9a6da42a5213241f8596118c2d2473d39813366 expat-devel-2.7.3-1.el10_2.1.ppc64le.rpm SHA-256: 8401ca9a92308db972ae56c7e078ef2a414f0b72d7fab1393fae65bbf1599b13 Red Hat Enterprise Linux for ARM 64 10 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 aarch64 expat-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 0dcfff5c701c572248fb431cc2b7f7c46b5e56365e7eab5b9da6e0155950c4b8 expat-debuginfo-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 81568e960b03710678a2297c399e53e7d605054cf3c931adaf84bf1ce6e90e9f expat-debuginfo-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 81568e960b03710678a2297c399e53e7d605054cf3c931adaf84bf1ce6e90e9f expat-debugsource-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: dafc4eaa7a51b863bad32d63ff0e9ee5023fc5a67fcde74cfbe7144522a06b60 expat-debugsource-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: dafc4eaa7a51b863bad32d63ff0e9ee5023fc5a67fcde74cfbe7144522a06b60 expat-devel-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: f7e481522deccfb99b93bf662743b392875573981e74fdd8877cf38d8e125e24 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 aarch64 expat-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 0dcfff5c701c572248fb431cc2b7f7c46b5e56365e7eab5b9da6e0155950c4b8 expat-debuginfo-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 81568e960b03710678a2297c399e53e7d605054cf3c931adaf84bf1ce6e90e9f expat-debuginfo-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 81568e960b03710678a2297c399e53e7d605054cf3c931adaf84bf1ce6e90e9f expat-debugsource-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: dafc4eaa7a51b863bad32d63ff0e9ee5023fc5a67fcde74cfbe7144522a06b60 expat-debugsource-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: dafc4eaa7a51b863bad32d63ff0e9ee5023fc5a67fcde74cfbe7144522a06b60 expat-devel-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: f7e481522deccfb99b93bf662743b392875573981e74fdd8877cf38d8e125e24 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 SRPM expat-2.7.3-1.el10_2.1.src.rpm SHA-256: 5e62cde4dc80da8eecab55080c2b2c6ed5d7055ac1b7bef1007deacaa50d6526 aarch64 expat-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 0dcfff5c701c572248fb431cc2b7f7c46b5e56365e7eab5b9da6e0155950c4b8 expat-debuginfo-2.7.3-1.el10_2.1.aarch64.rpm SHA-256: 81568e960b03710678a2297c399e53e7