1. fast-xml-parser Patches Critical XML Injection Flaw in XMLBuilder Component
A critical security vulnerability has been identified in fast-xml-parser, a widely deployed JavaScript library for XML parsing and validation. The flaw, tracked as CVE-2026-41650 and catalogued as GHSA-gh4j-gqv2-49f6, affects the XMLBuilder component and enables XML Comment and CDATA Injection via unescaped delimiters....