CVE-2025-10911: Expired Pointer Dereference
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
AI Analysis
Technical Summary
CVE-2025-10911 is a use-after-free vulnerability in the libxslt library, which parses XSL nodes when applying XSLT transformations to XML documents. The defect occurs when the library dereferences a pointer to memory that has already been freed (an expired pointer), which can crash the application and produce a denial of service (DoS) condition. The affected product is Red Hat Enterprise Linux 10, a widely used enterprise-grade Linux distribution. The CVSS v3.1 base score is 5.5 (medium severity). The vector string AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H indicates a local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), unchanged scope (S:U), no confidentiality or integrity impact (C:N/I:N), and high availability impact (A:H). No exploits in the wild were known at the time of publication and no patch had yet been linked, though Red Hat is the vendor responsible for addressing the issue. Exploitation would require a local user who can cause the application to parse a maliciously crafted XSL document, crashing it. This could disrupt services that rely on libxslt for XML processing, including automated workflows and applications that depend on XSL transformations.
Potential Impact
For European organizations, the primary impact of CVE-2025-10911 is denial of service: applications crash when they process malicious XSL nodes. This could disrupt business-critical applications that use libxslt for XML transformations, such as data integration, document processing, or web services. Confidentiality and integrity are not directly affected, but availability interruptions could cause operational downtime and associated financial or reputational damage. Organizations running Red Hat Enterprise Linux 10 in sectors such as finance, government, telecommunications, and critical infrastructure may experience service interruptions if the flaw is exploited. The requirement for local access and user interaction limits the risk of remote exploitation, but it does not eliminate insider threats or scenarios in which users are tricked into triggering the vulnerability. The absence of known exploits reduces the immediate risk but does not preclude future weaponization. Given the widespread use of Red Hat Enterprise Linux in European enterprises and the public sector, the vulnerability could have a moderate operational impact if left unmitigated.
Mitigation Recommendations
1. Monitor Red Hat security advisories closely and apply patches promptly once they become available to address CVE-2025-10911.
2. Restrict local access to systems running Red Hat Enterprise Linux 10, especially limiting user permissions and preventing untrusted users from executing processes that parse XSL nodes.
3. Implement application whitelisting and control execution of scripts or applications that utilize libxslt to reduce the risk of triggering the vulnerability.
4. Conduct user awareness training to prevent inadvertent user interaction with malicious content that could exploit this vulnerability.
5. Employ runtime monitoring and logging to detect abnormal application crashes or unusual parsing activity that may indicate exploitation attempts.
6. Consider isolating or sandboxing applications that rely on libxslt to limit the impact of potential crashes.
7. Review and harden XML processing workflows to validate and sanitize input XSL files before processing.
8. Maintain up-to-date backups and incident response plans to quickly recover from denial of service events caused by exploitation.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2025-09-24T12:45:24.913Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68d59bc858afd90a7d662e29
Added to database: 9/25/2025, 7:45:12 PM
Last enriched: 11/20/2025, 8:43:33 PM
Last updated: 12/26/2025, 7:23:06 PM