Tag
xml
Safeguard articles tagged "xml" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Guides
What Is XXE (XML External Entity Injection)?
XXE abuses an XML parser's ability to load external entities to read local files, reach internal services, or knock a server offline. Here is how to stop it.
Jul 1, 20265 min read
Application Security
XML Parsing Security: XXE, Billion Laughs, and Beyond
XML's feature richness is its security weakness. XXE, entity expansion, and XSLT injection continue to plague applications that process XML.
Jan 12, 20264 min read
Vulnerability Response
CVE-2025-49794 in libxml2: Patch Posture & SBOM Response
libxml2 use-after-free during XPath schematron parsing scored CVSS 9.1. Defender SBOM playbook for one of the most-embedded libraries on the planet.
Jul 15, 20256 min read