The following vulnerability was published for libxml2.
CVE-2025-32415[0]:
| In libxml2 before 2.13.8 and 2.14.x before 2.14.2,
| xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer
| under-read. To exploit this, a crafted XML document must be
| validated against an XML schema with certain identity constraints,
| or a crafted XML schema must be used.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.