Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

libxml2 Vendor: xmlsoft

About This Product

libxml2 is a software product offered by xmlsoft. This product is widely deployed in production environments, making vulnerability monitoring essential for organizations relying on it. Security vulnerabilities in products of this category can affect system availability, data confidentiality, and integrity across entire networks. The significant number of reported vulnerabilities indicates this product has received substantial security scrutiny and community focus over time. Regular assessment of known vulnerabilities and timely patching are fundamental components of responsible system administration for any deployment of this software.

Vulnerability Landscape Summary

SecUtils has identified 101 known vulnerabilities affecting xmlsoft libxml2. This includes 8 critical-severity issues and 42 high-severity issues that warrant immediate attention. Vulnerabilities in this product have been disclosed spanning from 2003 to 2025, indicating a sustained research interest and ongoing security attention. 47 medium-severity issues and 4 low-severity issues complete the vulnerability landscape. Organizations should prioritize patching based on deployment context, asset criticality, and exploitation likelihood rather than severity alone.

Known Vulnerabilities

ID	Date Published	Last Modified	Severity (CVSSv3)	Severity (CVSSv2)	Exploit Available
CVE-2003-1564	2003-12-31	2025-04-03	6.5	9.3	Likely
CVE-2004-0110	2004-03-15	2025-04-03	-	7.5	Likely
CVE-2004-0989	2005-03-01	2025-04-03	-	10.0	Likely
CVE-2008-3281	2008-08-27	2025-04-09	6.5	4.3	Likely
CVE-2008-3529	2008-09-12	2025-04-09	-	10.0	Likely
CVE-2008-4409	2008-10-03	2025-04-09	-	5.0	Likely
CVE-2009-2414	2009-08-11	2025-04-09	-	4.3	Likely
CVE-2009-2416	2009-08-11	2025-04-09	6.5	4.3	Likely
CVE-2010-4008	2010-11-17	2025-04-11	-	4.3	Likely
CVE-2010-4494	2010-12-07	2025-04-11	-	7.5	Likely
CVE-2011-1944	2011-09-02	2025-04-11	-	9.3	Likely
CVE-2012-2871	2012-08-31	2025-04-11	-	6.8	Likely
CVE-2012-5134	2012-11-28	2025-04-11	-	6.8	Likely
CVE-2012-0841	2012-12-21	2025-04-11	-	5.0	Likely
CVE-2013-0338	2013-04-25	2025-04-11	-	4.3	Likely
CVE-2013-1969	2013-04-25	2025-04-11	-	7.5	Likely
CVE-2013-2877	2013-07-10	2025-04-11	-	5.0	Likely
CVE-2013-0339	2014-01-21	2025-04-11	-	6.8	Likely
CVE-2014-3660	2014-11-04	2025-04-12	-	5.0	Likely
CVE-2015-7941	2015-11-18	2025-04-12	-	4.3	Likely
CVE-2015-7942	2015-11-18	2025-04-12	-	6.8	Likely
CVE-2015-8035	2015-11-18	2025-04-12	-	2.6	Unknown
CVE-2015-5312	2015-12-15	2025-04-12	-	7.1	Likely
CVE-2015-7497	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-7498	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-7499	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-7500	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-8241	2015-12-15	2025-04-12	-	6.4	Likely
CVE-2015-8242	2015-12-15	2025-04-12	-	5.8	Likely
CVE-2015-8317	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2016-2073	2016-02-12	2025-04-12	6.5	4.3	Likely
CVE-2016-1762	2016-03-24	2025-12-17	8.1	5.8	Likely
CVE-2015-8710	2016-04-11	2025-04-12	9.8	7.5	Likely
CVE-2015-8806	2016-04-13	2025-04-12	7.5	5.0	Likely
CVE-2015-6837	2016-05-16	2025-04-12	7.5	5.0	Likely
CVE-2015-6838	2016-05-16	2025-04-12	7.5	5.0	Likely
CVE-2016-3627	2016-05-17	2025-12-04	7.5	5.0	Likely
CVE-2016-3705	2016-05-17	2025-04-12	7.5	5.0	Likely
CVE-2016-1833	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1834	2016-05-20	2025-12-04	7.8	9.3	Likely
CVE-2016-1836	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1837	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1838	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1839	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1840	2016-05-20	2025-04-12	7.8	6.8	Likely
CVE-2016-4447	2016-06-09	2025-04-12	7.5	5.0	Likely
CVE-2016-4448	2016-06-09	2025-04-12	9.8	10.0	Likely
CVE-2016-4449	2016-06-09	2025-04-12	7.1	5.8	Likely
CVE-2016-5131	2016-07-23	2025-12-04	8.8	6.8	Likely
CVE-2016-4658	2016-09-25	2025-04-12	9.8	10.0	Likely
CVE-2016-9318	2016-11-16	2025-12-04	5.5	4.3	Likely
CVE-2016-4483	2017-04-11	2025-04-20	7.5	5.0	Likely
CVE-2017-5969	2017-04-11	2025-04-20	4.7	2.6	Unknown
CVE-2017-8872	2017-05-10	2025-12-17	9.1	6.4	Likely
CVE-2017-9047	2017-05-18	2025-04-20	7.5	5.0	Likely
CVE-2017-9048	2017-05-18	2025-12-18	7.5	5.0	Likely
CVE-2017-9049	2017-05-18	2025-12-18	7.5	5.0	Likely
CVE-2017-9050	2017-05-18	2025-12-17	7.5	5.0	Likely
CVE-2017-16931	2017-11-23	2025-04-20	9.8	7.5	Likely
CVE-2017-16932	2017-11-23	2026-01-22	7.5	5.0	Likely
CVE-2017-5130	2018-02-07	2025-12-03	8.8	6.8	Likely
CVE-2017-7375	2018-02-19	2025-12-03	9.8	7.5	Likely
CVE-2017-7376	2018-02-19	2024-11-21	9.8	10.0	Likely
CVE-2018-9251	2018-04-04	2024-11-21	5.3	2.6	Unknown
CVE-2017-18258	2018-04-08	2024-11-21	6.5	4.3	Likely
CVE-2018-14404	2018-07-19	2025-12-03	6.5	5.0	Likely
CVE-2016-9597	2018-07-30	2024-11-21	7.5	5.0	Likely
CVE-2016-9596	2018-08-16	2024-11-21	6.5	4.3	Likely
CVE-2016-9598	2018-08-16	2024-11-21	6.5	4.3	Likely
CVE-2018-14567	2018-08-16	2024-11-21	6.5	4.3	Likely
CVE-2017-15412	2018-08-28	2024-11-21	8.8	6.8	Likely
CVE-2019-19956	2019-12-24	2025-12-03	7.5	5.0	Likely
CVE-2019-20388	2020-01-21	2025-12-17	7.5	5.0	Likely
CVE-2020-7595	2020-01-21	2025-12-03	7.5	5.0	Likely
CVE-2020-24977	2020-09-04	2024-11-21	6.5	6.4	Likely
CVE-2021-3537	2021-05-14	2024-11-21	5.9	4.3	Likely
CVE-2021-3518	2021-05-18	2024-11-21	8.8	6.8	Likely
CVE-2021-3517	2021-05-19	2025-12-02	8.6	7.5	Likely
CVE-2021-3541	2021-07-09	2024-11-21	6.5	4.0	Likely
CVE-2022-23308	2022-02-26	2025-05-05	7.5	4.3	Likely
CVE-2022-29824	2022-05-03	2024-11-21	6.5	4.3	Likely
CVE-2022-2309	2022-07-05	2025-11-04	7.5	5.0	Likely
CVE-2016-3709	2022-07-28	2025-11-04	6.1	-	-
CVE-2022-40303	2022-11-23	2025-04-29	7.5	-	-
CVE-2022-40304	2022-11-23	2025-04-28	7.8	-	-
CVE-2023-28484	2023-04-24	2025-05-30	6.5	-	-
CVE-2023-29469	2023-04-24	2025-02-04	6.5	-	-
CVE-2023-39615	2023-08-29	2025-11-03	6.5	-	-
CVE-2023-45322	2023-10-06	2025-11-03	6.5	-	-
CVE-2024-25062	2024-02-04	2025-11-03	7.5	-	-
CVE-2024-34459	2024-05-14	2025-11-04	7.5	-	-
CVE-2024-40896	2024-12-23	2025-11-25	9.1	-	-
CVE-2022-49043	2025-01-26	2025-11-03	8.1	-	-
CVE-2024-56171	2025-02-18	2025-11-03	7.8	-	-
CVE-2025-24928	2025-02-18	2025-11-03	7.8	-	-
CVE-2025-27113	2025-02-18	2025-11-03	2.9	-	-
CVE-2025-32414	2025-04-08	2025-11-03	5.6	-	-
CVE-2025-32415	2025-04-17	2025-11-03	2.9	-	-
CVE-2025-6021	2025-06-12	2026-02-06	7.5	-	-
CVE-2025-6170	2025-06-16	2025-11-03	2.5	-	-
CVE-2025-9714	2025-09-10	2025-11-03	6.2	-	-

How SecUtils Interprets Product Data

SecUtils normalizes and enriches National Vulnerability Database (NVD) records for xmlsoft libxml2 by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and structuring the data for rapid analysis and asset correlation. For every vulnerability listed, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference information to enable organizations to prioritize patching and risk assessment efficiently. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for vulnerability management and security operations.