Red Hat Security Advisory: libxslt security update
A use-after-free vulnerability (CVE-2025-10911) has been identified in libxslt, a library used for transforming XML files using XSLT stylesheets. This vulnerability involves key data stored cross-RVT, which could lead to memory corruption issues. Red Hat has issued a security advisory with a moderate severity rating and released updated libxslt packages for Red Hat Enterprise Linux 8 to address this issue.
AI Analysis
Technical Summary
CVE-2025-10911 is a use-after-free vulnerability in libxslt related to key data stored cross-RVT. libxslt is a library for transforming XML files into other textual formats using XSLT. The vulnerability could lead to memory corruption due to improper handling of key data. Red Hat Product Security has rated this issue as moderate severity and released patches for Red Hat Enterprise Linux 8 across multiple architectures. The advisory references updated packages that fix the issue by correcting the use-after-free condition.
Potential Impact
The vulnerability could allow an attacker to cause memory corruption in applications using libxslt, potentially leading to crashes or other unintended behavior. No known exploits in the wild have been reported. The impact is rated moderate by Red Hat, indicating a security concern that should be addressed but is not critical.
Mitigation Recommendations
Red Hat has released updated libxslt packages for Red Hat Enterprise Linux 8 that fix this vulnerability. Users should apply the official security update as described in the Red Hat advisory RHSA-2026:26355 and the linked article https://access.redhat.com/articles/11258. No additional mitigations are specified or required beyond applying the official patch.
Red Hat Security Advisory: libxslt security update
Description
A use-after-free vulnerability (CVE-2025-10911) has been identified in libxslt, a library used for transforming XML files using XSLT stylesheets. This vulnerability involves key data stored cross-RVT, which could lead to memory corruption issues. Red Hat has issued a security advisory with a moderate severity rating and released updated libxslt packages for Red Hat Enterprise Linux 8 to address this issue.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2025-10911 is a use-after-free vulnerability in libxslt related to key data stored cross-RVT. libxslt is a library for transforming XML files into other textual formats using XSLT. The vulnerability could lead to memory corruption due to improper handling of key data. Red Hat Product Security has rated this issue as moderate severity and released patches for Red Hat Enterprise Linux 8 across multiple architectures. The advisory references updated packages that fix the issue by correcting the use-after-free condition.
Potential Impact
The vulnerability could allow an attacker to cause memory corruption in applications using libxslt, potentially leading to crashes or other unintended behavior. No known exploits in the wild have been reported. The impact is rated moderate by Red Hat, indicating a security concern that should be addressed but is not critical.
Mitigation Recommendations
Red Hat has released updated libxslt packages for Red Hat Enterprise Linux 8 that fix this vulnerability. Users should apply the official security update as described in the Red Hat advisory RHSA-2026:26355 and the linked article https://access.redhat.com/articles/11258. No additional mitigations are specified or required beyond applying the official patch.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:26355
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a32705d0b89be68881d4a6c
Added to database: 6/17/2026, 10:01:01 AM
Last enriched: 6/17/2026, 10:05:43 AM
Last updated: 6/17/2026, 12:03:34 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.