diff --git a/backend/pyproject.toml b/backend/pyproject.toml
index 8358aec..e0dbe40 100644
--- a/backend/pyproject.toml
+++ b/backend/pyproject.toml
@@ -15,6 +15,7 @@ dependencies = [
 "cachetools==5.5.2",
 "cloudscraper==1.2.71",
 "cryptography>=41.0.0",
+ "defusedxml>=0.7.1",
 "fastapi==0.115.12",
 "feedparser==6.0.10",
 "httpx==0.28.1",
diff --git a/backend/services/cctv_pipeline.py b/backend/services/cctv_pipeline.py
index 243e1be..a489396 100644
--- a/backend/services/cctv_pipeline.py
+++ b/backend/services/cctv_pipeline.py
@@ -987,7 +987,7 @@ _KML_NS = {"kml": "http://www.opengis.net/kml/2.2"}
 def _find_kml_element(element, tag):
 """Find first descendant matching tag, ignoring XML namespace prefix."""
- import xml.etree.ElementTree as ET
+ import defusedxml.ElementTree as ET
 el = element.find(f".//{tag}")
 if el is not None:
 return el
@@ -1015,7 +1015,7 @@ class MadridCityIngestor(BaseCCTVIngestor):
 KML_URL = "http://datos.madrid.es/egob/catalogo/202088-0-trafico-camaras.kml"
 def fetch_data(self) -> List[Dict[str, Any]]:
- import xml.etree.ElementTree as ET
+ import defusedxml.ElementTree as ET
 try:
 response = fetch_with_curl(self.KML_URL, timeout=20)
diff --git a/backend/services/fetchers/aircraft_database.py b/backend/services/fetchers/aircraft_database.py
index bf548ef..1e2d1ea 100644
--- a/backend/services/fetchers/aircraft_database.py
+++ b/backend/services/fetchers/aircraft_database.py
@@ -16,9 +16,9 @@ import csv
 import logging
 import threading
 import time
-import xml.etree.ElementTree as ET
 from typing import Any
+import defusedxml.ElementTree as ET
 import requests
 logger = logging.getLogger(__name__)
diff --git a/backend/services/psk_reporter_fetcher.py b/backend/services/psk_reporter_fetcher.py
index 41f5124..91b41d6 100644
--- a/backend/services/psk_reporter_fetcher.py
+++ b/backend/services/psk_reporter_fetcher.py
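Review bot: `KML_URL` in `MadridCityIngestor` still uses plain `http://`, so the document that `fetch_data` hands to the parser can be altered in transit; defusedxml rejects entity and external-reference constructs but says nothing about the integrity of the content. If the host serves the same path over TLS, change the constant to `KML_URL = "https://datos.madrid.es/egob/catalogo/202088-0-trafico-camaras.kml"`. `fetch_data` continues past the end of the hunk, so how the response is validated before parsing is not visible here.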
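Review bot: `defusedxml.ElementTree` is not a drop-in for the whole stdlib module: it provides the parsing entry points (`fromstring`, `parse`, `iterparse`, `XML`) and `ParseError`, but not `Element`, `SubElement` or `ElementTree`. With the module-level alias swapped in `aircraft_database.py` (and the same swap in `psk_reporter_fetcher.py`), any `ET.Element` annotation or `ET.SubElement` call elsewhere in these files would fail with AttributeError, at import time if it sits in a function signature. The rest of both files is outside the hunks, so this needs a search for `ET.` before merging; where tree-building names are used, keep `import xml.etree.ElementTree as ET` for them and import only the parser, e.g. `from defusedxml.ElementTree import fromstring`.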
@@ -6,8 +6,8 @@ Docs: https://pskreporter.info/pskdev.html
 """
 import logging
-import xml.etree.ElementTree as ET
+import defusedxml.ElementTree as ET
 import requests
 from cachetools import TTLCache, cached
diff --git a/openclaw-skills/shadowbroker/sb_monitor.py b/openclaw-skills/shadowbroker/sb_monitor.py
index 37b21cb..bbb3c20 100644
--- a/openclaw-skills/shadowbroker/sb_monitor.py
+++ b/openclaw-skills/shadowbroker/sb_monitor.py
@@ -701,7 +701,7 @@ async def _fetch_feed(feed: CustomFeed) -> list[dict]:
 def _parse_rss(xml_text: str, feed: CustomFeed) -> list[dict]:
 """Parse an RSS/Atom feed into normalized items."""
- import xml.etree.ElementTree as ET
+ import defusedxml.ElementTree as ET
 items = []
 try:
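Review bot: `_parse_rss` lives under `openclaw-skills/`, but the only dependency declaration changed in the visible diff is `backend/pyproject.toml`; if the skill is installed on its own, this import raises ModuleNotFoundError, and because it sits above the `try:` it is not handled there. Declare `defusedxml` wherever this skill lists its requirements. Separately, defusedxml rejects entity declarations by raising `EntitiesForbidden`, a `ValueError` subclass rather than `ParseError`, so the handler (which is outside this hunk) should cover it as well, for example `except (ET.ParseError, ValueError):`, so that one feed carrying a DTD entity does not abort the caller.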