CVE-2025-10911 MEDIUM

CVE-2025-10911: Libxslt: use-after-free with key data stored cross-rvt

Vendor Red Hat
Product Red Hat Enterprise Linux 6
Weakness CWE-825
Published September 25, 2025
Last update June 29, 2026

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.

Key dates

02Disclosure timeline

September 25, 2025 CVE published
June 29, 2026 Record updated