CVE Catalog

CVE-2025-10911

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile - higher than 6% of all known CVEs

Summary

A use-after-free vulnerability was found in libxslt while parsing XSL nodes. It may lead to the dereference of expired pointers and application crash.

Risk Assessment

An attacker could exploit this vulnerability to crash applications using libxslt, potentially leading to denial of service (DoS).

Recommendation

Update libxslt to the latest patched version immediately. If not possible, restrict processing of untrusted XSL files.

Original NVD description (English source)

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS