Skip to content
Threat Feed
high advisory

lxml Library Vulnerable to XXE Attacks via iterparse() and ETCompatXMLParser()

lxml versions before 6.1.0 are vulnerable to XML External Entity (XXE) attacks when using iterparse() or ETCompatXMLParser() with default settings, potentially allowing local file reads.

The lxml library, a widely used XML and HTML processing library for Python, is vulnerable to XML External Entity (XXE) injection attacks in versions prior to 6.1.0. This vulnerability specifically affects the iterparse() and ETCompatXMLParser() functions when used with their default configuration, where resolve_entities is set to True. This default setting allows an attacker to supply a specially crafted XML document that can force the parser to read arbitrary local files. This vulnerability was addressed in lxml 6.1.0 by changing the default resolve_entities setting to 'internal', mitigating the risk of local file access. The original report can be found at https://bugs.launchpad.net/lxml/+bug/2146291. This vulnerability is identified as CVE-2026-41066.

Attack Chain

  1. Attacker crafts a malicious XML document containing an external entity declaration. This declaration points to a local file path.
  2. The attacker submits the crafted XML document to an application that uses the vulnerable lxml.iterparse() or lxml.ETCompatXMLParser() function.
  3. The vulnerable lxml parser, configured with default settings (resolve_entities=True), attempts to resolve the external entity.
  4. The parser reads the contents of the local file specified in the external entity declaration.
  5. The application processes the parsed XML data, including the content of the local file.
  6. The application may then display the file contents to the attacker or use it in further processing.
  7. If the application is running with elevated privileges, the attacker might be able to read sensitive system files.
  8. Successful exploitation can lead to information disclosure and potentially further compromise of the system.

Impact

Successful exploitation of this XXE vulnerability can lead to the disclosure of sensitive information stored on the server's local file system. This could include configuration files, application source code, or even sensitive data. The number of potential victims is dependent on the prevalence of vulnerable lxml library versions (< 6.1.0) in applications that process untrusted XML input using iterparse() or ETCompatXMLParser() with default settings. The sectors impacted are broad, as lxml is a general-purpose library used in a wide variety of applications.

Recommendation

  • Upgrade the lxml library to version 6.1.0 or later to patch CVE-2026-41066.
  • Explicitly set the resolve_entities option to 'internal' or False when using lxml.iterparse() or lxml.ETCompatXMLParser() to disable local file access, as described in the advisory.
  • Deploy the Sigma rule Detect lxml XXE via iterparse or ETCompatXMLParser to identify potential XXE attacks targeting vulnerable lxml versions.
  • Review application code that uses lxml to ensure proper handling of XML input and prevent the processing of untrusted external entities.

Detection coverage 2

Detect lxml XXE via iterparse or ETCompatXMLParser

high

Detects potential XXE attacks attempting to exploit vulnerable lxml iterparse or ETCompatXMLParser functions by searching for system file access attempts within XML data.

sigma tactics: initial_access techniques: T1190 sources: webserver, linux

Detect lxml XXE via iterparse or ETCompatXMLParser - Windows

high

Detects potential XXE attacks attempting to exploit vulnerable lxml iterparse or ETCompatXMLParser functions by searching for system file access attempts within XML data on Windows systems.

sigma tactics: initial_access techniques: T1190 sources: webserver, windows

Detection queries are available on the platform. Get full rules →