You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-4645
About this tag
CVE-2026-4645 is a denial-of-service vulnerability in the Go XPath library github.com/antchfx/xpath. Specially crafted boolean XPath expressions can cause total loss of availability, either during processing or persistently. This flaw is similar to other parser and query-language DoS bugs where small inputs have disproportionate impact. Discussions on WindowsForum cover the technical details, affected components, and potential mitigations for CVE-2026-4645.
A newly assigned CVE-2026-4645 affects the Go XPath library github.com/antchfx/xpath, and the issue is serious enough to be framed as a denial-of-service risk: specially crafted boolean XPath expressions can drive the component into total loss of availability. The vulnerability description...