lxml Library Vulnerable to XXE Attacks via iterparse() and ETCompatXMLParser()
lxml versions before 6.1.0 are vulnerable to XML External Entity (XXE) attacks when using iterparse() or ETCompatXMLParser() with default settings, potentially allowing local file reads.
The lxml library, a widely used XML and HTML processing library for Python, is vulnerable to XML External Entity (XXE) injection attacks in versions prior to 6.1.0. This vulnerability specifically affects the iterparse() and ETCompatXMLParser() functions when used with their default configuration, where resolve_entities is set to True. This default setting allows an attacker to supply a specially crafted XML document that can force the parser to read arbitrary local files. This vulnerability was addressed in lxml 6.1.0 by changing the default resolve_entities setting to 'internal', mitigating the risk of local file access. The original report can be found at https://bugs.launchpad.net/lxml/+bug/2146291. This vulnerability is identified as CVE-2026-41066.
Attack Chain
- Attacker crafts a malicious XML document containing an external entity declaration. This declaration points to a local file path.
- The attacker submits the crafted XML document to an application that uses the vulnerable
lxml.iterparse()orlxml.ETCompatXMLParser()function. - The vulnerable lxml parser, configured with default settings (
resolve_entities=True), attempts to resolve the external entity. - The parser reads the contents of the local file specified in the external entity declaration.
- The application processes the parsed XML data, including the content of the local file.
- The application may then display the file contents to the attacker or use it in further processing.
- If the application is running with elevated privileges, the attacker might be able to read sensitive system files.
- Successful exploitation can lead to information disclosure and potentially further compromise of the system.
Impact
Successful exploitation of this XXE vulnerability can lead to the disclosure of sensitive information stored on the server's local file system. This could include configuration files, application source code, or even sensitive data. The number of potential victims is dependent on the prevalence of vulnerable lxml library versions (< 6.1.0) in applications that process untrusted XML input using iterparse() or ETCompatXMLParser() with default settings. The sectors impacted are broad, as lxml is a general-purpose library used in a wide variety of applications.
Recommendation
- Upgrade the lxml library to version 6.1.0 or later to patch CVE-2026-41066.
- Explicitly set the
resolve_entitiesoption to'internal'orFalsewhen usinglxml.iterparse()orlxml.ETCompatXMLParser()to disable local file access, as described in the advisory. - Deploy the Sigma rule
Detect lxml XXE via iterparse or ETCompatXMLParserto identify potential XXE attacks targeting vulnerable lxml versions. - Review application code that uses lxml to ensure proper handling of XML input and prevent the processing of untrusted external entities.
Detection coverage 2
Detect lxml XXE via iterparse or ETCompatXMLParser
highDetects potential XXE attacks attempting to exploit vulnerable lxml iterparse or ETCompatXMLParser functions by searching for system file access attempts within XML data.
Detect lxml XXE via iterparse or ETCompatXMLParser - Windows
highDetects potential XXE attacks attempting to exploit vulnerable lxml iterparse or ETCompatXMLParser functions by searching for system file access attempts within XML data on Windows systems.
Detection queries are available on the platform. Get full rules →