CVE-2026-41675 Overview
CVE-2026-41675 is an XML injection vulnerability in the @xmldom/xmldom package, a pure JavaScript W3C standard-based DOMParser and XMLSerializer module. The flaw affects @xmldom/xmldom versions prior to 0.9.10 and 0.8.13, as well as the legacy xmldom package version 0.6.0 and earlier. The library serializes attacker-controlled processing instruction (PI) data without validating or neutralizing the PI-closing sequence ?>. Attackers can terminate a processing instruction early and inject arbitrary XML nodes into the serialized output, corrupting downstream XML consumers. The vulnerability is classified under CWE-91: XML Injection.
Critical Impact
Attackers can inject arbitrary XML structure into serialized documents, leading to data integrity compromise in any downstream system that parses the resulting XML.
Affected Products
- @xmldom/xmldom versions prior to 0.9.10
- @xmldom/xmldom versions prior to 0.8.13
- xmldom version 0.6.0 and earlier (legacy package)
Discovery Timeline
- 2026-05-07 - CVE-2026-41675 published to NVD
- 2026-05-07 - Last updated in NVD database
Technical Details for CVE-2026-41675
Vulnerability Analysis
The @xmldom/xmldom library implements XML serialization through its XMLSerializer component. When the serializer encounters a processing instruction node, it writes the node's data field directly into the output stream surrounded by <?target and ?> delimiters. The serializer does not inspect or escape the data payload for the closing sequence ?>. Any caller that constructs a processing instruction using attacker-influenced data exposes the entire serialized document to structural manipulation.
When a downstream consumer parses the resulting XML, the injected nodes are interpreted as legitimate document content. This breaks the integrity boundary between data and markup. The impact extends to any pipeline using xmldom for XML generation, including SAML responses, SOAP envelopes, RSS feeds, and configuration documents.
Root Cause
The root cause is missing output encoding in the processing instruction serialization path. XML processing instructions cannot contain the literal sequence ?> per the W3C XML specification, but xmldom failed to enforce this constraint at serialization time. The fix introduced in commit 7207a4b0e0bcc228868075ed991665ef9f73b1c2 validates PI data before serialization. See the GitHub Security Advisory GHSA-x6wf-f3px-wcqx for the technical writeup.
Attack Vector
Exploitation requires an application that accepts user input and incorporates it into a processing instruction's data field before serialization. The attacker supplies a payload containing ?> followed by arbitrary XML elements. When the serializer writes the PI, the premature ?> closes the processing instruction, and the trailing content becomes part of the XML document tree. Against a vulnerable, network-exposed service that accepts such input, no authentication or user interaction is required.
The vulnerability manifests entirely at serialization time. Refer to the GitHub Security Advisory for proof-of-concept details and the impacted code paths.
Detection Methods for CVE-2026-41675
Indicators of Compromise
- Serialized XML output containing unexpected elements adjacent to processing instructions, particularly a ?> sequence followed by < at a point where the PI's data was expected to continue.
- Application logs showing parser errors from downstream XML consumers receiving documents from xmldom-based services.
- Anomalous SAML, SOAP, or RSS payloads where processing instruction data fields contain XML markup characters.
Detection Strategies
- Inventory Node.js dependency trees using npm ls @xmldom/xmldom and npm ls xmldom to identify vulnerable versions in production and build environments.
- Implement integration tests that feed payloads containing ?> sequences into PI data fields and assert serialized output does not contain injected nodes.
- Use Software Composition Analysis (SCA) tooling to flag any dependency resolving to @xmldom/xmldom < 0.9.10, @xmldom/xmldom < 0.8.13, or xmldom <= 0.6.0.
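The inventory step above can be automated over the JSON that npm ls --all --json prints. The following is an added example, not code from the advisory or the project; it assumes only the nested dependencies/version shape of that JSON output, and SAMPLE_TREE is constructed input standing in for a real tree.

```javascript
// Added example, not part of the advisory: walk the JSON tree printed by
// `npm ls --all --json` and flag every resolved copy of @xmldom/xmldom or
// xmldom in the affected ranges. SAMPLE_TREE below is constructed input.

// Affected ranges as stated above. The two release lines must be checked
// separately: 0.8.13 is fixed even though it is numerically below 0.9.10.
function isVulnerable(name, version) {
  const [major, minor, patch] = version.split(".").map(Number);
  if (name === "xmldom") {
    // Legacy package: 0.6.0 and every earlier release.
    return major === 0 && (minor < 6 || (minor === 6 && patch === 0));
  }
  if (name === "@xmldom/xmldom") {
    if (major !== 0) return false;
    if (minor === 9) return patch < 10;               // 0.9.0 .. 0.9.9
    return minor < 8 || (minor === 8 && patch < 13);  // anything < 0.8.13
  }
  return false;
}

// Recursively collect the dependency chain of every vulnerable copy, so a
// finding names the package that pulled the bad version in.
function findVulnerable(tree, path = [], out = []) {
  for (const [name, info] of Object.entries(tree.dependencies || {})) {
    const chain = [...path, `${name}@${info.version}`];
    if (isVulnerable(name, info.version)) out.push(chain.join(" > "));
    findVulnerable(info, chain, out);
  }
  return out;
}

// Constructed `npm ls --json` output: a patched direct dependency, a
// vulnerable transitive 0.9.x copy and a legacy xmldom under a feed parser.
const SAMPLE_TREE = {
  name: "sample-app",
  dependencies: {
    "@xmldom/xmldom": { version: "0.8.13" },
    "saml-lib": {
      version: "2.1.0",
      dependencies: { "@xmldom/xmldom": { version: "0.9.7" } },
    },
    "old-feed-parser": {
      version: "1.0.0",
      dependencies: { xmldom: { version: "0.6.0" } },
    },
  },
};
console.log(findVulnerable(SAMPLE_TREE));
```

Run against a real tree with `node check.js < <(npm ls --all --json)` after replacing SAMPLE_TREE with JSON.parse of stdin; the direct 0.8.13 copy is correctly left out while the transitive 0.9.7 and legacy 0.6.0 copies are reported.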
Monitoring Recommendations
- Monitor application logs for XML parsing exceptions in services downstream of xmldom serialization.
- Track outbound XML payloads at API gateways for malformed processing instruction patterns.
- Alert on dependency drift in CI/CD pipelines when xmldom versions appear in lockfiles below the patched releases.
How to Mitigate CVE-2026-41675
Immediate Actions Required
- Upgrade @xmldom/xmldom to version 0.9.10 or 0.8.13 immediately across all projects and lockfiles.
- Stop using the unmaintained legacy xmldom package and migrate to @xmldom/xmldom.
- Audit application code for any path where untrusted input flows into a processing instruction's data field and add input validation.
Patch Information
The maintainers released fixes in @xmldom/xmldom 0.9.10 and @xmldom/xmldom 0.8.13. The patch is implemented in commit 7207a4b, which validates PI data and rejects content containing the ?> sequence at serialization time.
Workarounds
- Reject or sanitize the substring ?> in any user-controlled input before assigning it to a processing instruction's data field.
- Avoid generating processing instructions from untrusted data entirely; use static PI declarations where possible.
- Wrap the XMLSerializer in a guard that scans serialized output for unexpected node boundaries near PI delimiters before transmission.
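The following added example (not the library's code) models the serialization path described in the technical details, the ?> validation the fix applies, and an output oracle of the kind the integration-test and output-guard suggestions above call for. Function names (naiveSerializePI, safeSerializePI, buildDocument, injectedNodes) are hypothetical, and the document and payload are constructed.

```javascript
// Added example (not the library's code): a minimal model of the PI
// serialization path described above, the validation the fix applies, and
// an oracle for the integration test and output guard suggested in the
// detection and workaround sections. All function names are hypothetical.

const PI_CLOSE = "?>";

// Flawed path: PI data is written verbatim between "<?target " and "?>",
// so a "?>" inside `data` closes the PI early and whatever follows lands
// in the document as ordinary markup.
function naiveSerializePI(target, data) {
  return `<?${target} ${data}${PI_CLOSE}`;
}

// XML 1.0 forbids the literal "?>" anywhere in PI data; this is the
// constraint the patched serializer enforces before writing the node.
function isValidPIData(data) {
  return !data.includes(PI_CLOSE);
}

// Fixed path: refuse to serialize rather than emit a malformed PI.
function safeSerializePI(target, data) {
  if (!isValidPIData(data)) {
    throw new Error(`PI data must not contain "${PI_CLOSE}"`);
  }
  return naiveSerializePI(target, data);
}

// Constructed document: one PI whose data is attacker-influenced, followed
// by a fixed <root/> element. `serializePI` selects the path under test.
function buildDocument(piData, serializePI = safeSerializePI) {
  return serializePI("app-config", piData) + "<root/>";
}

// Output oracle: strip every well-formed PI, then report any element tag
// other than the ones the document is expected to contain. A non-empty
// result means a PI boundary was broken and nodes were injected.
function injectedNodes(xml, expectedTags = ["<root/>"]) {
  const withoutPIs = xml.replace(/<\?[^\s?>]+(?:\s[\s\S]*?)?\?>/g, "");
  const tags = withoutPIs.match(/<[^?!][^>]*>/g) || [];
  return tags.filter((tag) => !expectedTags.includes(tag));
}

// Constructed test payload: terminates the PI and appends an element.
const PAYLOAD = 'debug="true"?><injected/>';
console.log(injectedNodes(buildDocument(PAYLOAD, naiveSerializePI)));
// → [ '<injected/>' ]   vulnerable path: a node was injected
console.log(injectedNodes(buildDocument('debug="true"')));
// → []                  valid data through the fixed path
```

In a real integration test, replace buildDocument with the application's own serialization call and keep injectedNodes as the assertion: any tag it returns is structure that came out of the PI data field rather than from the document model.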
# Configuration example
npm install @xmldom/xmldom@0.9.10
# or for the 0.8.x line
npm install @xmldom/xmldom@0.8.13
npm audit --production
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.