These issues are fixed in 2.14.2 and 2.13.8. Older branches won't receive 
official updates.

[CVE-2025-32414] Buffer overflow when parsing text streams with Python API
https://gitlab.gnome.org/GNOME/libxml2/-/issues/889

The Python Package Index contains an outdated and unsanctioned upload based on 
libxml2 2.9.5 which is vulnerable. I tried to inform the PyPI maintainers but 
I'm not sure my message made it through.

[CVE-2025-32415] Heap-based Buffer Overflow in xmlSchemaIDCFillNodeTables
https://gitlab.gnome.org/GNOME/libxml2/-/issues/890

Nick
