Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true()".
PUBLISHED5.2
Infinite loop in github.com/antchfx/xpath
Problem type
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
Affected products
github.com/antchfx/xpath
github.com/antchfx/xpath
< 1.3.6 - AFFECTED
References
github.com
https://github.com/antchfx/xpath/issues/121
github.com
https://github.com/antchfx/xpath/commit/afd4762cc342af56345a3fb4002a59281fcab494
github.com
https://github.com/golang/vulndb/issues/4526
pkg.go.dev
https://pkg.go.dev/vuln/GO-2026-4526
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-32287Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-32287",
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"dateUpdated": "2026-03-26T19:40:52.142Z",
"dateReserved": "2026-03-11T16:38:46.556Z",
"datePublished": "2026-03-26T19:40:52.142Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go",
"dateUpdated": "2026-03-26T19:40:52.142Z"
},
"title": "Infinite loop in github.com/antchfx/xpath",
"descriptions": [
{
"lang": "en",
"value": "Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as \"1=1\" or \"true()\"."
}
],
"affected": [
{
"vendor": "github.com/antchfx/xpath",
"product": "github.com/antchfx/xpath",
"collectionURL": "https://pkg.go.dev",
"packageName": "github.com/antchfx/xpath",
"programRoutines": [
{
"name": "logicalQuery.Select"
},
{
"name": "Expr.Evaluate"
},
{
"name": "NodeIterator.MoveNext"
},
{
"name": "ancestorQuery.Evaluate"
},
{
"name": "ancestorQuery.Select"
},
{
"name": "attributeQuery.Evaluate"
},
{
"name": "attributeQuery.Select"
},
{
"name": "booleanQuery.Evaluate"
},
{
"name": "booleanQuery.Select"
},
{
"name": "cachedChildQuery.Evaluate"
},
{
"name": "cachedChildQuery.Select"
},
{
"name": "childQuery.Evaluate"
},
{
"name": "childQuery.Select"
},
{
"name": "descendantOverDescendantQuery.Evaluate"
},
{
"name": "descendantOverDescendantQuery.Select"
},
{
"name": "descendantQuery.Evaluate"
},
{
"name": "descendantQuery.Select"
},
{
"name": "filterQuery.Evaluate"
},
{
"name": "filterQuery.Select"
},
{
"name": "followingQuery.Evaluate"
},
{
"name": "followingQuery.Select"
},
{
"name": "functionQuery.Evaluate"
},
{
"name": "groupQuery.Evaluate"
},
{
"name": "groupQuery.Select"
},
{
"name": "lastFuncQuery.Evaluate"
},
{
"name": "logicalQuery.Evaluate"
},
{
"name": "mergeQuery.Evaluate"
},
{
"name": "mergeQuery.Select"
},
{
"name": "numericQuery.Evaluate"
},
{
"name": "parentQuery.Evaluate"
},
{
"name": "parentQuery.Select"
},
{
"name": "precedingQuery.Evaluate"
},
{
"name": "precedingQuery.Select"
},
{
"name": "selfQuery.Evaluate"
},
{
"name": "selfQuery.Select"
},
{
"name": "transformFunctionQuery.Evaluate"
},
{
"name": "transformFunctionQuery.Select"
},
{
"name": "unionQuery.Evaluate"
},
{
"name": "unionQuery.Select"
}
],
"defaultStatus": "unaffected",
"versions": [
{
"version": "0",
"status": "affected",
"versionType": "semver",
"lessThan": "1.3.6"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')"
}
]
}
],
"references": [
{
"url": "https://github.com/antchfx/xpath/issues/121"
},
{
"url": "https://github.com/antchfx/xpath/commit/afd4762cc342af56345a3fb4002a59281fcab494"
},
{
"url": "https://github.com/golang/vulndb/issues/4526"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4526"
}
]
}
}
}