CVE-2026-49472 | signalwire FreeSWITCH up to 1.10.x xmltok_impl.c escape output (GHSA-4jm3-xpcm-mwwq)

A vulnerability categorized as problematic has been discovered in signalwire FreeSWITCH up to 1.10.x. This affects an unknown part in the library libs/xmlrpc-c/lib/expat/xmltok/xmltok_impl.c. The manipulation results in escaping of output.

This vulnerability was named CVE-2026-49472. The attack may be performed from remote. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More