fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)

High severity GitHub Reviewed Published Mar 16, 2026 in NaturalIntelligence/fast-xml-parser • Updated Mar 17, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts