
CVE-2025-11731: Access of Resource Using Incompatible Type ('Type Confusion') in Red Hat Red Hat Enterprise Linux 10

0
Severity: Low
Tags: Vulnerability, CVE-2025-11731, cve, cve-2025-11731
Published: Tue Oct 14 2025 (10/14/2025, 06:02:35 UTC)
Source: CVE Database V5
Vendor/Project: Red Hat
Product: Red Hat Enterprise Linux 10

Description

A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes. While difficult to exploit, the flaw could lead to application instability or denial of service.

AI-Powered Analysis

Last updated: 10/14/2025, 06:19:55 UTC

Technical Analysis

CVE-2025-11731 is a vulnerability identified in the libxslt library component of Red Hat Enterprise Linux 10. The issue resides in the exsltFuncResultComp() function, which processes EXSLT <func:result> elements during XML stylesheet parsing. The vulnerability is a type confusion flaw where the function improperly handles XML node types, treating an XML document node as a regular XML element node. This misclassification leads to unexpected memory reads, potentially causing application crashes or denial of service conditions. The flaw does not allow for privilege escalation, code execution, or data leakage, as it solely affects availability through instability. Exploitation requires an attacker to supply crafted XML stylesheets that trigger the vulnerable code path, which is non-trivial due to the complexity of the XML processing context and the need for user interaction. The CVSS v3.1 score is 3.1, reflecting low severity with network attack vector, high attack complexity, no privileges required, and user interaction needed. No known exploits have been reported in the wild, and no patches were linked at the time of disclosure, though Red Hat is expected to release updates. This vulnerability primarily threatens applications and services that utilize libxslt for XML transformations, especially those processing untrusted or external XML content.

Potential Impact

For European organizations, the primary impact of CVE-2025-11731 is potential application instability or denial of service in systems running Red Hat Enterprise Linux 10 that rely on libxslt for XML processing. This could affect web services, middleware, or internal applications that perform XML transformations using EXSLT functions. While the vulnerability does not compromise confidentiality or integrity, service disruptions could impact business continuity, especially in sectors dependent on high availability such as finance, telecommunications, and critical infrastructure. Organizations processing untrusted XML inputs are at higher risk. The difficulty of exploitation and requirement for user interaction reduce the likelihood of widespread attacks, but targeted attempts could cause localized outages. The low CVSS score indicates limited overall risk, but operational impacts could be significant if exploited in critical systems.

Mitigation Recommendations

Organizations should monitor Red Hat advisories and apply patches promptly once available to address CVE-2025-11731. Until patches are deployed, restrict or validate XML stylesheet inputs to prevent processing of untrusted or malicious EXSLT <func:result> elements. Employ application-layer filtering or sandboxing for XML processing components to limit the impact of crashes. Review and harden XML processing workflows to minimize exposure to crafted XML content. Implement robust monitoring to detect abnormal application crashes or service interruptions related to XML transformations. Consider upgrading libxslt to versions where the flaw is fixed or using alternative XML processing libraries if feasible. Additionally, educate developers and system administrators about safe XML handling practices to reduce the risk of exploitation.
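The input-validation step recommended above, shown as an added example that is not part of the advisory, of Red Hat's guidance, or of libxslt itself: a small Python gate, using only the standard library, that inspects an untrusted XSLT stylesheet before it is handed to libxslt and refuses it if it declares or uses the EXSLT functions namespace (http://exslt.org/functions, the namespace of <func:result>), or if it pulls in external stylesheets through xsl:import/xsl:include that the gate cannot inspect. The sample stylesheets and the function names are constructed for this example.

```python
"""Pre-parse gate for untrusted XSLT stylesheets (added example, not advisory code).

Refuses any stylesheet that could reach the EXSLT functions extension handled by
libxslt's exsltFuncResultComp(), so that untrusted input never exercises that
code path. This complements patching; it does not fix libxslt.
"""
import io
import xml.etree.ElementTree as ET
from typing import List

EXSLT_FUNC_NS = "http://exslt.org/functions"          # namespace of <func:result>
XSL_NS = "http://www.w3.org/1999/XSL/Transform"

# xsl:import / xsl:include load further stylesheets that this gate never sees,
# so they are refused as well (hypothetical policy chosen for this example).
LOADER_TAGS = {"{%s}import" % XSL_NS, "{%s}include" % XSL_NS}


def check_stylesheet(stylesheet_xml: str) -> List[str]:
    """Return the reasons for refusing the stylesheet; an empty list means allowed."""
    reasons: List[str] = []
    try:
        # "start-ns" catches the namespace declaration even if no element uses it;
        # "start" catches the extension elements themselves.
        events = ET.iterparse(io.BytesIO(stylesheet_xml.encode("utf-8")),
                              events=("start", "start-ns"))
        for event, payload in events:
            if event == "start-ns":
                prefix, uri = payload
                if uri == EXSLT_FUNC_NS:
                    reasons.append("declares EXSLT functions namespace as xmlns:%s" % prefix)
            else:
                el = payload
                if el.tag.startswith("{%s}" % EXSLT_FUNC_NS):
                    reasons.append("uses extension element %s" % el.tag)
                elif el.tag in LOADER_TAGS:
                    reasons.append("loads external stylesheet via %s href=%r"
                                   % (el.tag, el.get("href")))
    except ET.ParseError as exc:
        # Malformed input is refused rather than passed on for libxslt to decide.
        reasons.append("not well-formed XML: %s" % exc)
    return reasons


def stylesheet_allowed(stylesheet_xml: str) -> bool:
    """True only when no refusal reason was found."""
    return not check_stylesheet(stylesheet_xml)


# --- constructed sample stylesheets -------------------------------------------
SAFE_XSLT = """<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
  <xsl:template match="/"><out><xsl:value-of select="count(//item)"/></out></xsl:template>
</xsl:stylesheet>"""

# Defines a user function with func:function / func:result (EXSLT functions module).
EXSLT_XSLT = """<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:func="http://exslt.org/functions" xmlns:my="urn:example:my"
    extension-element-prefixes="func">
  <func:function name="my:twice">
    <xsl:param name="n"/>
    <func:result select="$n * 2"/>
  </func:function>
  <xsl:template match="/"><out><xsl:value-of select="my:twice(21)"/></out></xsl:template>
</xsl:stylesheet>"""

INCLUDE_XSLT = """<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
  <xsl:include href="helpers.xsl"/>
</xsl:stylesheet>"""

BROKEN_XSLT = "<xsl:stylesheet"


if __name__ == "__main__":
    for name, doc in [("safe", SAFE_XSLT), ("exslt", EXSLT_XSLT),
                      ("include", INCLUDE_XSLT), ("broken", BROKEN_XSLT)]:
        print(name, "allowed" if stylesheet_allowed(doc) else "refused",
              check_stylesheet(doc))
```

The gate is deliberately coarse: it refuses every stylesheet that so much as declares the EXSLT functions namespace, including benign ones that rely on it, so it belongs only on code paths that accept stylesheets from untrusted parties. It also only compares the namespace URI exactly, which is how XML namespace matching works, so variant spellings of the URI are not a bypass but simply would not bind to the extension in libxslt either. Treating a refusal as a logged security event gives the monitoring recommended above something concrete to alert on.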


Technical Details

Data Version
5.1
Assigner Short Name
redhat
Date Reserved
2025-10-14T05:28:37.404Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68edeb573aa78542cebbacfc

Added to database: 10/14/2025, 6:19:03 AM

Last enriched: 10/14/2025, 6:19:55 AM

Last updated: 10/14/2025, 7:28:05 AM

Views: 4
