Vulnerability in shepherd project

While working on shepherd project, I found that fast-xml-parser throws an uncaught RangeError when parsing XML containing out-of-range numeric entities. The error occurs due to the use of String.fromCodePoint() with invalid Unicode values, causing the application to crash and result in a Denial of Service (DoS) when untrusted XML input is processed.

[CVE Report](https://vulert.com/vuln-scan/list/222935b2-8fe1-43e6-8e4b-96c68fb47588?sort_order=desc&sort_by=created_at)
[CVE Link](https://vulert.com/vuln-db/CVE-2026-25128)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerability in shepherd project #3350

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Vulnerability in shepherd project #3350

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions