https://nvd.nist.gov/vuln/detail/CVE-2026-7210
xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch.
NOTE: This is an automated issue created based on the library metadata. Osquery may or may not be affected.
https://nvd.nist.gov/vuln/detail/CVE-2026-7210
xml.parsers.expatandxml.etree.ElementTreeuse insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch.NOTE: This is an automated issue created based on the library metadata. Osquery may or may not be affected.