CVE-2026-41401 | libyang up to 5.4.2 YANG XML Document lyd_parser_set_data_flags use after free

A vulnerability, which was classified as critical, has been found in libyang up to 5.4.2. This affects the function lyd_parser_set_data_flags of the component YANG XML Document Handler. This manipulation causes use after free.

This vulnerability appears as CVE-2026-41401. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More